Clear the secret point in ecdh_simple_compute_key
authorBernd Edlinger <bernd.edlinger@hotmail.de>
Sun, 17 Mar 2019 08:48:15 +0000 (09:48 +0100)
committerBernd Edlinger <bernd.edlinger@hotmail.de>
Mon, 18 Mar 2019 21:27:56 +0000 (22:27 +0100)
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/8501)

crypto/ec/ecdh_ossl.c

index 40a564fb145b3e396eaaaacf757c963570871373..b63cab9d91670effc3f1f25fa4455026cd34049e 100644 (file)
@@ -112,7 +112,7 @@ int ecdh_simple_compute_key(unsigned char **pout, size_t *poutlen,
     ret = 1;
 
  err:
-    EC_POINT_free(tmp);
+    EC_POINT_clear_free(tmp);
     if (ctx)
         BN_CTX_end(ctx);
     BN_CTX_free(ctx);