From: Matt Caswell <matt@openssl.org>
Date: Thu, 30 Apr 2015 13:04:30 +0000 (+0100)
Subject: Replace memset with OPENSSL_clear_free()
X-Git-Tag: OpenSSL_1_1_0-pre1~1013
X-Git-Url: https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff_plain;h=5d80fab086fe8849222613e20d7cf61839f94f5f;ds=sidebyside

Replace memset with OPENSSL_clear_free()

BUF_MEM_free() attempts to cleanse memory using memset immediately prior
to a free. This is at risk of being optimised away by the compiler, so
replace with a call to OPENSSL_clear_free() instead.

With thanks to the Open Crypto Audit Project for reporting this issue.

Reviewed-by: Stephen Henson <steve@openssl.org>
---

diff --git a/crypto/buffer/buffer.c b/crypto/buffer/buffer.c
index 37e5484dbd..2beacce6d7 100644
--- a/crypto/buffer/buffer.c
+++ b/crypto/buffer/buffer.c
@@ -88,8 +88,7 @@ void BUF_MEM_free(BUF_MEM *a)
         return;
 
     if (a->data != NULL) {
-        memset(a->data, 0, (unsigned int)a->max);
-        OPENSSL_free(a->data);
+        OPENSSL_clear_free(a->data, a->max);
     }
     OPENSSL_free(a);
 }