From: jsing Date: Fri, 14 Apr 2017 15:20:55 +0000 (+0000) Subject: Use freezero(3) in the CBB clean up path, since this could hold sensitive X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=2a6b7f1d923175ad963c8dfa5a8eae46ddf6705a;p=openbsd Use freezero(3) in the CBB clean up path, since this could hold sensitive information (such as master keys). --- diff --git a/lib/libssl/bs_cbb.c b/lib/libssl/bs_cbb.c index a84299f8a20..154a7964e6d 100644 --- a/lib/libssl/bs_cbb.c +++ b/lib/libssl/bs_cbb.c @@ -1,4 +1,4 @@ -/* $OpenBSD: bs_cbb.c,v 1.14 2017/03/10 15:16:20 jsing Exp $ */ +/* $OpenBSD: bs_cbb.c,v 1.15 2017/04/14 15:20:55 jsing Exp $ */ /* * Copyright (c) 2014, Google Inc. * @@ -80,8 +80,7 @@ CBB_cleanup(CBB *cbb) { if (cbb->base) { if (cbb->base->can_resize) - free(cbb->base->buf); - + freezero(cbb->base->buf, cbb->base->cap); free(cbb->base); } cbb->base = NULL;