generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Add and use OPENSSL_zalloc

Browse Source 
There are many places (nearly 50) where we malloc and then memset.
Add an OPENSSL_zalloc routine to encapsulate that.
(Missed one conversion; thanks Richard)
Also fixes GH328

Reviewed-by: Richard Levitte <levitte@openssl.org>
This commit is contained in:
Rich Salz
2015-08-25 13:25:58 -04:00
committed by Rich Salz
parent 66e87a9f09
commit b51bce9420
45 changed files with 82 additions and 168 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
crypto/rsa/rsa_pk1.c
View File

@@ -203,12 +203,11 @@ int RSA_padding_check_PKCS1_type_2(unsigned char *to, int tlen,
if (num < 11)
goto err;
em = OPENSSL_malloc(num);
em = OPENSSL_zalloc(num);
if (em == NULL) {
RSAerr(RSA_F_RSA_PADDING_CHECK_PKCS1_TYPE_2, ERR_R_MALLOC_FAILURE);
return -1;
}
memset(em, 0, num);
/*
* Always do this zero-padding copy (even when num == flen) to avoid
* leaking that information. The copy still leaks some side-channel