diff options
| author |   jsing <jsing@openbsd.org> | 2016-12-07 13:17:33 +0000 |
|---|---|---|
| committer | jsing <jsing@openbsd.org> | 2016-12-07 13:17:33 +0000 |
| commit | 48ab0265e22a3ebae2a57dbee42ddce57c10cded (patch) | |
| tree | 4bce0a397f21230f2c38e7c2c0416a23f4a8ac85 | |
| parent | Only skip moving the cursor if it is already in the last position _on (diff) | |
| download | wireguard-openbsd-48ab0265e22a3ebae2a57dbee42ddce57c10cded.tar.xz wireguard-openbsd-48ab0265e22a3ebae2a57dbee42ddce57c10cded.zip | |
Ensure that we zero memory used to hold the ASN.1 encoded session, since
this contains the session master key.
ok deraadt@ doug@
| -rw-r--r-- | lib/libssl/ssl_asn1.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/lib/libssl/ssl_asn1.c b/lib/libssl/ssl_asn1.c index 1b938868685..a27858c955a 100644 --- a/lib/libssl/ssl_asn1.c +++ b/lib/libssl/ssl_asn1.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl_asn1.c,v 1.44 2016/12/03 12:34:35 jsing Exp $ */ +/* $OpenBSD: ssl_asn1.c,v 1.45 2016/12/07 13:17:33 jsing Exp $ */ /* * Copyright (c) 2016 Joel Sing <jsing@openbsd.org> @@ -206,6 +206,9 @@ i2d_SSL_SESSION(SSL_SESSION *s, unsigned char **pp) rv = (int)data_len; err: + if (data != NULL) + explicit_bzero(data, data_len); + CBB_cleanup(&session); free(peer_cert_bytes); free(data); |