diff options
| author | Richard Levitte <levitte@openssl.org> | 2002-11-28 11:09:03 +0300 |
|---|---|---|
| committer | Richard Levitte <levitte@openssl.org> | 2002-11-28 11:09:03 +0300 |
| commit | 75e3026a14339f3818fe57281979b7ee85399d43 (patch) | |
| tree | ec56a26b6c553d120df76142a2b6241ac322b4c9 /apps | |
| parent | 0a3af9a4038045ba59bcf10a4f9e0b6bb5107cd8 (diff) | |
Cleanse memory using the new OPENSSL_cleanse() function.
I've covered all the memset()s I felt safe modifying, but may have missed some.
Diffstat (limited to 'apps')
| -rw-r--r-- | apps/apps.c | 6 | ||||
| -rw-r--r-- | apps/ca.c | 2 | ||||
| -rw-r--r-- | apps/dgst.c | 2 | ||||
| -rw-r--r-- | apps/enc.c | 4 | ||||
| -rw-r--r-- | apps/s_client.c | 6 | ||||
| -rw-r--r-- | apps/s_server.c | 2 |
6 files changed, 11 insertions, 11 deletions
diff --git a/apps/apps.c b/apps/apps.c index 271dfa1439..4a8c9263a7 100644 --- a/apps/apps.c +++ b/apps/apps.c @@ -615,7 +615,7 @@ int password_callback(char *buf, int bufsiz, int verify, if (buff) { - memset(buff,0,(unsigned int)bufsiz); + OPENSSL_cleanse(buff,(unsigned int)bufsiz); OPENSSL_free(buff); } @@ -625,13 +625,13 @@ int password_callback(char *buf, int bufsiz, int verify, { BIO_printf(bio_err, "User interface error\n"); ERR_print_errors(bio_err); - memset(buf,0,(unsigned int)bufsiz); + OPENSSL_cleanse(buf,(unsigned int)bufsiz); res = 0; } if (ok == -2) { BIO_printf(bio_err,"aborted!\n"); - memset(buf,0,(unsigned int)bufsiz); + OPENSSL_cleanse(buf,(unsigned int)bufsiz); res = 0; } UI_free(ui); @@ -706,7 +706,7 @@ bad: } pkey = load_key(bio_err, keyfile, keyform, 0, key, e, "CA private key"); - if (key) memset(key,0,strlen(key)); + if (key) OPENSSL_cleanse(key,strlen(key)); if (pkey == NULL) { /* load_key() has already printed an appropriate message */ diff --git a/apps/dgst.c b/apps/dgst.c index dd65a591f5..c4bb7a1061 100644 --- a/apps/dgst.c +++ b/apps/dgst.c @@ -356,7 +356,7 @@ int MAIN(int argc, char **argv) end: if (buf != NULL) { - memset(buf,0,BUFSIZE); + OPENSSL_cleanse(buf,BUFSIZE); OPENSSL_free(buf); } if (in != NULL) BIO_free(in); diff --git a/apps/enc.c b/apps/enc.c index eff5c5610e..bae7f21d79 100644 --- a/apps/enc.c +++ b/apps/enc.c @@ -481,9 +481,9 @@ bad: * bug picked up by * Larry J. Hughes Jr. <hughes@indiana.edu> */ if (str == strbuf) - memset(str,0,SIZE); + OPENSSL_cleanse(str,SIZE); else - memset(str,0,strlen(str)); + OPENSSL_cleanse(str,strlen(str)); } if ((hiv != NULL) && !set_hex(hiv,iv,sizeof iv)) { diff --git a/apps/s_client.c b/apps/s_client.c index 3b018ff0e0..7b1fa7b22b 100644 --- a/apps/s_client.c +++ b/apps/s_client.c @@ -908,9 +908,9 @@ end: if (con != NULL) SSL_free(con); if (con2 != NULL) SSL_free(con2); if (ctx != NULL) SSL_CTX_free(ctx); - if (cbuf != NULL) { memset(cbuf,0,BUFSIZZ); OPENSSL_free(cbuf); } - if (sbuf != NULL) { memset(sbuf,0,BUFSIZZ); OPENSSL_free(sbuf); } - if (mbuf != NULL) { memset(mbuf,0,BUFSIZZ); OPENSSL_free(mbuf); } + if (cbuf != NULL) { OPENSSL_cleanse(cbuf,BUFSIZZ); OPENSSL_free(cbuf); } + if (sbuf != NULL) { OPENSSL_cleanse(sbuf,BUFSIZZ); OPENSSL_free(sbuf); } + if (mbuf != NULL) { OPENSSL_cleanse(mbuf,BUFSIZZ); OPENSSL_free(mbuf); } if (bio_c_out != NULL) { BIO_free(bio_c_out); diff --git a/apps/s_server.c b/apps/s_server.c index 7a74c41020..94dd59becc 100644 --- a/apps/s_server.c +++ b/apps/s_server.c @@ -1184,7 +1184,7 @@ err: BIO_printf(bio_s_out,"CONNECTION CLOSED\n"); if (buf != NULL) { - memset(buf,0,bufsize); + OPENSSL_cleanse(buf,bufsize); OPENSSL_free(buf); } if (ret >= 0) |