diff options
| author | bcook <> | 2019-07-25 11:41:03 +0000 |
|---|---|---|
| committer | bcook <> | 2019-07-25 11:41:03 +0000 |
| commit | 0cd109564e52d81e6dc56f1e814305d5a4b1c901 (patch) | |
| tree | 66f1c1f24198af630584f7219e4bd49758da54fe | |
| parent | e12a841908623a032f8517da39e197477d8f516d (diff) | |
| download | openbsd-0cd109564e52d81e6dc56f1e814305d5a4b1c901.tar.gz openbsd-0cd109564e52d81e6dc56f1e814305d5a4b1c901.tar.bz2 openbsd-0cd109564e52d81e6dc56f1e814305d5a4b1c901.zip | |
zero tmpkeyiv buffer after use when encrypting
from Steven Roberts
| -rw-r--r-- | src/usr.bin/openssl/enc.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/src/usr.bin/openssl/enc.c b/src/usr.bin/openssl/enc.c index 8518ff4c9d..3aeaac648c 100644 --- a/src/usr.bin/openssl/enc.c +++ b/src/usr.bin/openssl/enc.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: enc.c,v 1.21 2019/07/14 03:30:45 guenther Exp $ */ | 1 | /* $OpenBSD: enc.c,v 1.22 2019/07/25 11:41:03 bcook Exp $ */ |
| 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) | 2 | /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com) |
| 3 | * All rights reserved. | 3 | * All rights reserved. |
| 4 | * | 4 | * |
| @@ -632,7 +632,9 @@ enc_main(int argc, char **argv) | |||
| 632 | } | 632 | } |
| 633 | /* split and move data back to global buffer */ | 633 | /* split and move data back to global buffer */ |
| 634 | memcpy(key, tmpkeyiv, iklen); | 634 | memcpy(key, tmpkeyiv, iklen); |
| 635 | memcpy(iv, tmpkeyiv+iklen, ivlen); | 635 | memcpy(iv, tmpkeyiv + iklen, ivlen); |
| 636 | /* zero the tmpkeyiv buffer */ | ||
| 637 | explicit_bzero(tmpkeyiv, sizeof tmpkeyiv); | ||
| 636 | } else { | 638 | } else { |
| 637 | EVP_BytesToKey(enc_config.cipher, dgst, sptr, | 639 | EVP_BytesToKey(enc_config.cipher, dgst, sptr, |
| 638 | (unsigned char *)enc_config.keystr, | 640 | (unsigned char *)enc_config.keystr, |