If you're going to check for negative, use an signed integer! Coverity ID 122.

[openssl.git] / crypto / pkcs7 / bio_ber.c

diff --git a/crypto/pkcs7/bio_ber.c b/crypto/pkcs7/bio_ber.c
index 5447e69818619a1e0a4ec9954d95b5ac53d5250b..31973fcd1fc56ae463ca9f46da598ca9e7b70e02 100644 (file)
--- a/crypto/pkcs7/bio_ber.c
+++ b/crypto/pkcs7/bio_ber.c
@@ -145,7 +145,7 @@ static int ber_free(BIO *a)
 
        if (a == NULL) return(0);
        b=(BIO_BER_CTX *)a->ptr;
-       memset(a->ptr,0,sizeof(BIO_BER_CTX));
+       OPENSSL_cleanse(a->ptr,sizeof(BIO_BER_CTX));
        OPENSSL_free(a->ptr);
        a->ptr=NULL;
        a->init=0;
@@ -204,7 +204,7 @@ int bio_ber_get_header(BIO *bio, BIO_BER_CTX *ctx)
                if ((ctx->buf_len < BER_BUF_SIZE) &&
                        (ERR_GET_REASON(ERR_peek_error()) == ASN1_R_TOO_LONG))
                        {
-                       ERR_get_error(); /* clear the error */
+                       ERR_clear_error(); /* clear the error */
                        BIO_set_retry_read(b);
                        }
                return(-1);
@@ -339,7 +339,7 @@ static long ber_ctrl(BIO *b, int cmd, long num, char *ptr)
        case BIO_CTRL_RESET:
                ctx->ok=1;
                ctx->finished=0;
-               EVP_CipherInit(&(ctx->cipher),NULL,NULL,NULL,
+               EVP_CipherInit_ex(&(ctx->cipher),NULL,NULL,NULL,NULL,
                        ctx->cipher.berrypt);
                ret=BIO_ctrl(b->next_bio,cmd,num,ptr);
                break;
@@ -376,7 +376,7 @@ again:
                        {
                        ctx->finished=1;
                        ctx->buf_off=0;
-                       ret=EVP_CipherFinal(&(ctx->cipher),
+                       ret=EVP_CipherFinal_ex(&(ctx->cipher),
                                (unsigned char *)ctx->buf,
                                &(ctx->buf_len));
                        ctx->ok=(int)ret;
@@ -458,7 +458,7 @@ void BIO_set_cipher(BIO *b, EVP_CIPHER *c, unsigned char *k, unsigned char *i,
 
        b->init=1;
        ctx=(BIO_ENC_CTX *)b->ptr;
-       EVP_CipherInit(&(ctx->cipher),c,k,i,e);
+       EVP_CipherInit_ex(&(ctx->cipher),c,NULL,k,i,e);
        
        if (b->callback != NULL)
                b->callback(b,BIO_CB_CTRL,(char *)c,BIO_CTRL_SET,e,1L);