If you're going to check for negative, use an signed integer! Coverity ID 122.

[openssl.git] / crypto / pkcs7 / bio_ber.c

diff --git a/crypto/pkcs7/bio_ber.c b/crypto/pkcs7/bio_ber.c
index 42331f7ab0ea4f7c415809f545b50c820f053c52..31973fcd1fc56ae463ca9f46da598ca9e7b70e02 100644 (file)
--- a/crypto/pkcs7/bio_ber.c
+++ b/crypto/pkcs7/bio_ber.c
@@ -145,7 +145,7 @@ static int ber_free(BIO *a)
 
        if (a == NULL) return(0);
        b=(BIO_BER_CTX *)a->ptr;
-       memset(a->ptr,0,sizeof(BIO_BER_CTX));
+       OPENSSL_cleanse(a->ptr,sizeof(BIO_BER_CTX));
        OPENSSL_free(a->ptr);
        a->ptr=NULL;
        a->init=0;
@@ -204,7 +204,7 @@ int bio_ber_get_header(BIO *bio, BIO_BER_CTX *ctx)
                if ((ctx->buf_len < BER_BUF_SIZE) &&
                        (ERR_GET_REASON(ERR_peek_error()) == ASN1_R_TOO_LONG))
                        {
-                       ERR_get_error(); /* clear the error */
+                       ERR_clear_error(); /* clear the error */
                        BIO_set_retry_read(b);
                        }
                return(-1);