Make sure OPENSSL_cleanse checks for NULL
authorMatt Caswell <matt@openssl.org>
Wed, 16 Sep 2015 09:47:15 +0000 (10:47 +0100)
committerMatt Caswell <matt@openssl.org>
Thu, 17 Sep 2015 21:31:24 +0000 (22:31 +0100)
In master we have the function OPENSSL_clear_free(x,y), which immediately
returns if x == NULL. In <=1.0.2 this function does not exist so we have to
do:
OPENSSL_cleanse(x, y);
OPENSSL_free(x);

However, previously, OPENSSL_cleanse did not check that if x == NULL, so
the real equivalent check would have to be:
if (x != NULL)
    OPENSSL_cleanse(x, y);
OPENSSL_free(x);

It would be easy to get this wrong during cherry-picking to other branches
and therefore, for safety, it is best to just ensure OPENSSL_cleanse also
checks for NULL.

Reviewed-by: Rich Salz <rsalz@openssl.org>
(cherry picked from commit 020d8fc83fe1a94232db1ee1166309e2458a8a18)

crypto/mem_clr.c

index 3df1f3928d06881630978c8a688ede833f39fe4c..1a06636d0ce8da052d0dec9580362274208084fb 100644 (file)
@@ -66,6 +66,10 @@ void OPENSSL_cleanse(void *ptr, size_t len)
 {
     unsigned char *p = ptr;
     size_t loop = len, ctr = cleanse_ctr;
+
+    if (ptr == NULL)
+        return;
+
     while (loop--) {
         *(p++) = (unsigned char)ctr;
         ctr += (17 + ((size_t)p & 0xF));