diff options
| author | Ted Unangst <tedu@cvs.openbsd.org> | 2014-05-07 21:09:04 +0000 |
|---|---|---|
| committer | Ted Unangst <tedu@cvs.openbsd.org> | 2014-05-07 21:09:04 +0000 |
| commit | d505e15f0c7123c5297d61e1121b371034efa311 (patch) | |
| tree | 4d39e1e23ab61b5116c1fa22cdab1d5522e00591 | |
| parent | d60ac5db83dfe86653af21a0a7a8545b07344193 (diff) | |
with the first bug it uncovered fixed, clear all bignums again.
i've never worked on codebase so resistant to efforts to improve it.
| -rw-r--r-- | lib/libssl/src/crypto/bn/bn_lib.c | 26 |
1 files changed, 9 insertions, 17 deletions
diff --git a/lib/libssl/src/crypto/bn/bn_lib.c b/lib/libssl/src/crypto/bn/bn_lib.c index 6ec92826532..7ae14ee4d00 100644 --- a/lib/libssl/src/crypto/bn/bn_lib.c +++ b/lib/libssl/src/crypto/bn/bn_lib.c @@ -225,22 +225,11 @@ void BN_clear_free(BIGNUM *a) free(a); } -void BN_free(BIGNUM *a) - { - if (a == NULL) return; - bn_check_top(a); - if ((a->d != NULL) && !(BN_get_flags(a,BN_FLG_STATIC_DATA))) - free(a->d); - if (a->flags & BN_FLG_MALLOCED) - free(a); - else - { -#ifndef OPENSSL_NO_DEPRECATED - a->flags|=BN_FLG_FREE; -#endif - a->d = NULL; - } - } +void +BN_free(BIGNUM *a) +{ + BN_clear_free(a); +} void BN_init(BIGNUM *a) { @@ -399,7 +388,10 @@ BIGNUM *bn_expand2(BIGNUM *b, int words) { BN_ULONG *a = bn_expand_internal(b, words); if(!a) return NULL; - if(b->d) free(b->d); + if(b->d) { + OPENSSL_cleanse(b->d, b->dmax * sizeof(b->d[0])); + free(b->d); + } b->d=a; b->dmax=words; } |