diff options
author | Matt Caswell <matt@openssl.org> | 2015-09-16 11:47:15 +0200 |
---|---|---|
committer | Matt Caswell <matt@openssl.org> | 2015-09-17 23:29:08 +0200 |
commit | 020d8fc83fe1a94232db1ee1166309e2458a8a18 (patch) | |
tree | 808981aee3ae790284dd9f933066ade0017ea67d | |
parent | base64 decode: check for high bit (diff) | |
download | openssl-020d8fc83fe1a94232db1ee1166309e2458a8a18.tar.xz openssl-020d8fc83fe1a94232db1ee1166309e2458a8a18.zip |
Make sure OPENSSL_cleanse checks for NULL
In master we have the function OPENSSL_clear_free(x,y), which immediately
returns if x == NULL. In <=1.0.2 this function does not exist so we have to
do:
OPENSSL_cleanse(x, y);
OPENSSL_free(x);
However, previously, OPENSSL_cleanse did not check that if x == NULL, so
the real equivalent check would have to be:
if (x != NULL)
OPENSSL_cleanse(x, y);
OPENSSL_free(x);
It would be easy to get this wrong during cherry-picking to other branches
and therefore, for safety, it is best to just ensure OPENSSL_cleanse also
checks for NULL.
Reviewed-by: Rich Salz <rsalz@openssl.org>
-rw-r--r-- | crypto/mem_clr.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/crypto/mem_clr.c b/crypto/mem_clr.c index 3df1f3928d..1a06636d0c 100644 --- a/crypto/mem_clr.c +++ b/crypto/mem_clr.c @@ -66,6 +66,10 @@ void OPENSSL_cleanse(void *ptr, size_t len) { unsigned char *p = ptr; size_t loop = len, ctr = cleanse_ctr; + + if (ptr == NULL) + return; + while (loop--) { *(p++) = (unsigned char)ctr; ctr += (17 + ((size_t)p & 0xF)); |