From 515d0ec8f042562c281242793115c9b61bd2b8ab Mon Sep 17 00:00:00 2001 From: jsing Date: Thu, 12 May 2022 19:24:38 +0000 Subject: [PATCH] Use freezero() with ASN1_ENCODING. While ASN1_ENCODING is currently only used with types that should only contain public information, we assume that ASN.1 may contain sensitive information, hence use freezero() here instead of free(). ok deraadt@ tb@ --- lib/libcrypto/asn1/tasn_utl.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/lib/libcrypto/asn1/tasn_utl.c b/lib/libcrypto/asn1/tasn_utl.c index 4ef4232c7e8..e3b2c9e4dc6 100644 --- a/lib/libcrypto/asn1/tasn_utl.c +++ b/lib/libcrypto/asn1/tasn_utl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: tasn_utl.c,v 1.14 2022/05/10 05:19:23 jsing Exp $ */ +/* $OpenBSD: tasn_utl.c,v 1.15 2022/05/12 19:24:38 jsing Exp $ */ /* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL * project 2000. */ @@ -153,7 +153,7 @@ asn1_enc_free(ASN1_VALUE **pval, const ASN1_ITEM *it) enc = asn1_get_enc_ptr(pval, it); if (enc) { - free(enc->enc); + freezero(enc->enc, enc->len); enc->enc = NULL; enc->len = 0; enc->modified = 1; @@ -170,7 +170,7 @@ asn1_enc_save(ASN1_VALUE **pval, const unsigned char *in, int inlen, if (!enc) return 1; - free(enc->enc); + freezero(enc->enc, enc->len); enc->enc = malloc(inlen); if (!enc->enc) return 0; -- 2.20.1