From: Dmitry Belyavskiy <beldmit@gmail.com>
Date: Wed, 2 Jan 2019 12:47:07 +0000 (+0300)
Subject: Eliminate unused buffers from ssl3_change_cipher_state
X-Git-Tag: openssl-3.0.0-alpha1~2669
X-Git-Url: https://git.openssl.org/?p=openssl.git;a=commitdiff_plain;h=9c5ef4ea486f675f33592b34775c3e453f60ee69;ds=sidebyside

Eliminate unused buffers from ssl3_change_cipher_state

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matt Caswell <matt@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/7971)
---

diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c
index 9af4ccb087..4d884f47a2 100644
--- a/ssl/s3_enc.c
+++ b/ssl/s3_enc.c
@@ -90,8 +90,6 @@ static int ssl3_generate_key_block(SSL *s, unsigned char *km, int num)
 int ssl3_change_cipher_state(SSL *s, int which)
 {
     unsigned char *p, *mac_secret;
-    unsigned char exp_key[EVP_MAX_KEY_LENGTH];
-    unsigned char exp_iv[EVP_MAX_IV_LENGTH];
     unsigned char *ms, *key, *iv;
     EVP_CIPHER_CTX *dd;
     const EVP_CIPHER *c;
@@ -239,12 +237,8 @@ int ssl3_change_cipher_state(SSL *s, int which)
     }
 
     s->statem.enc_write_state = ENC_WRITE_STATE_VALID;
-    OPENSSL_cleanse(exp_key, sizeof(exp_key));
-    OPENSSL_cleanse(exp_iv, sizeof(exp_iv));
     return 1;
  err:
-    OPENSSL_cleanse(exp_key, sizeof(exp_key));
-    OPENSSL_cleanse(exp_iv, sizeof(exp_iv));
     return 0;
 }