Fix undefined behaviour in e_aes_cbc_hmac_sha256.c and e_aes_cbc_hmac_sha1.c

[oweals/openssl.git] / crypto / poly1305 / poly1305.c

diff --git a/crypto/poly1305/poly1305.c b/crypto/poly1305/poly1305.c
index a7c4a0824efbf39a7ec6cd5cdf3c168608869da9..eec4d67f0c66f65eebe69c8c26212d7825545011 100644 (file)
--- a/crypto/poly1305/poly1305.c
+++ b/crypto/poly1305/poly1305.c
@@ -1,12 +1,15 @@
-/* ====================================================================
- * Copyright (c) 2015 The OpenSSL Project. All rights reserved.
+/*
+ * Copyright 2015-2016 The OpenSSL Project Authors. All Rights Reserved.
  *
- * Rights for redistribution and usage in source and binary
- * forms are granted according to the OpenSSL license.
+ * Licensed under the OpenSSL license (the "License").  You may not use
+ * this file except in compliance with the License.  You can obtain a copy
+ * in the file LICENSE in the source distribution or at
+ * https://www.openssl.org/source/license.html
  */
 
 #include <stdlib.h>
 #include <string.h>
+#include <openssl/crypto.h>
 
 #include "internal/poly1305.h"
 
@@ -543,7 +546,7 @@ void Poly1305_Final(POLY1305 *ctx, unsigned char mac[16])
     poly1305_emit(ctx->opaque, mac, ctx->nonce);
 
     /* zero out the state */
-    memset(ctx, 0, sizeof(*ctx));
+    OPENSSL_cleanse(ctx, sizeof(*ctx));
 }
 
 #ifdef SELFTEST
@@ -871,14 +874,11 @@ static const struct poly1305_test poly1305_tests[] = {
 
 static unsigned char hex_digit(char h)
 {
-    if (h >= '0' && h <= '9')
-        return h - '0';
-    else if (h >= 'a' && h <= 'f')
-        return h - 'a' + 10;
-    else if (h >= 'A' && h <= 'F')
-        return h - 'A' + 10;
-    else
+    int i = OPENSSL_hexchar2int(h);
+
+    if (i < 0)
         abort();
+    return i;
 }
 
 static void hex_decode(unsigned char *out, const char *hex)