remove OPENSSL_realloc_clean usage here - replace with intrinsics to make

it obvious what should happen. ok tedu@
author: beck <beck@openbsd.org> 2014-04-17 16:30:59 +0000
committer: beck <beck@openbsd.org> 2014-04-17 16:30:59 +0000
commit: 8df6eeefceb4403224b672a6e0b97b6ddf378410 (patch)
tree: 9d174dc7f9ac472072d28fbaabc02e910ad51db4 /lib/libcrypto/buffer/buffer.c
parent: Fully kill FIPS API. Forcible certification conflicts with the goals of a (diff)
download: wireguard-openbsd-8df6eeefceb4403224b672a6e0b97b6ddf378410.tar.xz
wireguard-openbsd-8df6eeefceb4403224b672a6e0b97b6ddf378410.zip
1 files changed, 7 insertions, 4 deletions
diff --git a/lib/libcrypto/buffer/buffer.c b/lib/libcrypto/buffer/buffer.c
index 4bd55c04ae5..a50c30a3485 100644
--- a/lib/libcrypto/buffer/buffer.c
+++ b/lib/libcrypto/buffer/buffer.c
@@ -153,10 +153,13 @@ BUF_MEM_grow_clean(BUF_MEM *str, size_t len)
 		return 0;
 	}
 	n = (len + 3) / 3 * 4;
-	if (str->data == NULL)
-		ret = malloc(n);
-	else
-		ret = OPENSSL_realloc_clean(str->data, str->max, n);
+	ret = malloc(n);
+	/* we're not shrinking - that case returns above */
+	if ((ret != NULL)  && (str->data != NULL)) {
+		memcpy(ret, str->data, str->max);
+		explicit_bzero(str->data, str->max);
+		free(str->data);
+	}
 	if (ret == NULL) {
 		BUFerr(BUF_F_BUF_MEM_GROW_CLEAN, ERR_R_MALLOC_FAILURE);
 		len = 0;
author	beck <beck@openbsd.org>	2014-04-17 16:30:59 +0000
committer	beck <beck@openbsd.org>	2014-04-17 16:30:59 +0000
commit	8df6eeefceb4403224b672a6e0b97b6ddf378410 (patch)
tree	9d174dc7f9ac472072d28fbaabc02e910ad51db4 /lib/libcrypto/buffer/buffer.c
parent	Fully kill FIPS API. Forcible certification conflicts with the goals of a (diff)
download	wireguard-openbsd-8df6eeefceb4403224b672a6e0b97b6ddf378410.tar.xz wireguard-openbsd-8df6eeefceb4403224b672a6e0b97b6ddf378410.zip