diff options
| author | Ted Unangst <tedu@cvs.openbsd.org> | 2014-05-07 21:06:06 +0000 |
|---|---|---|
| committer | Ted Unangst <tedu@cvs.openbsd.org> | 2014-05-07 21:06:06 +0000 |
| commit | d60ac5db83dfe86653af21a0a7a8545b07344193 (patch) | |
| tree | 1582d72e7f13acbd1c307e9a59d77c6823c6af87 | |
| parent | 86c06ff20f05c75346eda596140147c4bbd51c83 (diff) | |
in BN_clear_free, don't cleanse the data if the static data flag is set.
much debugging work done by otto. ok miod otto.
side note: BN_FLG_STATIC_DATA doesn't actually mean the data is static.
it's also used to indicate the data may be secretly shared behind your back
as a sort of poor man's refcounting, but without the refcounting.
| -rw-r--r-- | lib/libssl/src/crypto/bn/bn_lib.c | 5 |
1 files changed, 2 insertions, 3 deletions
diff --git a/lib/libssl/src/crypto/bn/bn_lib.c b/lib/libssl/src/crypto/bn/bn_lib.c index 9787a31dbbf..6ec92826532 100644 --- a/lib/libssl/src/crypto/bn/bn_lib.c +++ b/lib/libssl/src/crypto/bn/bn_lib.c @@ -214,11 +214,10 @@ void BN_clear_free(BIGNUM *a) if (a == NULL) return; bn_check_top(a); - if (a->d != NULL) + if (a->d != NULL && !(BN_get_flags(a,BN_FLG_STATIC_DATA))) { OPENSSL_cleanse(a->d,a->dmax*sizeof(a->d[0])); - if (!(BN_get_flags(a,BN_FLG_STATIC_DATA))) - free(a->d); + free(a->d); } i=BN_get_flags(a,BN_FLG_MALLOCED); OPENSSL_cleanse(a,sizeof(BIGNUM)); |