projects
/
openssl.git
/ commitdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
| commitdiff |
tree
raw
|
patch
| inline |
side by side
(from parent 1:
513d76f
)
Zero stack variable with DSA nonce
author
Rich Salz
<rsalz@openssl.org>
Tue, 8 Nov 2016 20:56:04 +0000
(15:56 -0500)
committer
Rich Salz
<rsalz@openssl.org>
Tue, 8 Nov 2016 22:20:13 +0000
(17:20 -0500)
Thanks to Falko Strenzke for bringing this to our attention.
Reviewed-by: Andy Polyakov <appro@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1882)
crypto/bn/bn_rand.c
patch
|
blob
|
history
diff --git
a/crypto/bn/bn_rand.c
b/crypto/bn/bn_rand.c
index c577fd169d63670527107d2963acc275e4d7a789..9ce4c5f6064515dae98dfb67ab6ff081556781bb 100644
(file)
--- a/
crypto/bn/bn_rand.c
+++ b/
crypto/bn/bn_rand.c
@@
-253,5
+253,6
@@
int BN_generate_dsa_nonce(BIGNUM *out, const BIGNUM *range,
err:
OPENSSL_free(k_bytes);
+ OPENSSL_cleanse(private_bytes, sizeof(private_bytes));
return ret;
}
projects / openssl.git / commitdiff