From f1af6a0fd89c7819b589f8168a570bcd35c0f727 Mon Sep 17 00:00:00 2001
From: tedu <>
Date: Wed, 4 Jun 2014 14:10:23 +0000
Subject: without overthinking it, replace a few memcmp calls with
 CRYPTO_memcmp where it is feasible to do so. better safe than sorry.

---
 src/lib/libssl/s3_clnt.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

(limited to 'src/lib/libssl/s3_clnt.c')

diff --git a/src/lib/libssl/s3_clnt.c b/src/lib/libssl/s3_clnt.c
index 052d23bbf4..2c3ce60fb3 100644
--- a/src/lib/libssl/s3_clnt.c
+++ b/src/lib/libssl/s3_clnt.c
@@ -887,9 +887,9 @@ ssl3_get_server_hello(SSL *s)
 	}
 
 	if (j != 0 && j == s->session->session_id_length &&
-	    memcmp(p, s->session->session_id, j) == 0) {
+	    CRYPTO_memcmp(p, s->session->session_id, j) == 0) {
 		if (s->sid_ctx_length != s->session->sid_ctx_length ||
-		    memcmp(s->session->sid_ctx,
+		    CRYPTO_memcmp(s->session->sid_ctx,
 		    s->sid_ctx, s->sid_ctx_length)) {
 			/* actually a client application bug */
 			al = SSL_AD_ILLEGAL_PARAMETER;
-- 
cgit v1.2.3-55-g6feb