Zero memory in CRYPTO_secure_malloc.
authorPauli <paul.dale@oracle.com>
Tue, 21 Aug 2018 23:20:18 +0000 (09:20 +1000)
committerPauli <paul.dale@oracle.com>
Tue, 21 Aug 2018 23:20:18 +0000 (09:20 +1000)
commit3b8e97ab61624f4fbe8bb6a587f4da75cc3d988e
tree60f91e72218af0b60e81ab54324d9f9825124e90
parentd41a8319272968596a5daa1870007f2adf1e75ee
Zero memory in CRYPTO_secure_malloc.

This commit destroys the free list pointers which would otherwise be
present in the returned memory blocks.  This in turn helps prevent
information leakage from the secure memory area.

Note: CRYPTO_secure_malloc is not guaranteed to return zeroed memory:
before the secure memory system is initialised or if it isn't implemented.

Reviewed-by: Tim Hudson <tjh@openssl.org>
Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com>
(Merged from https://github.com/openssl/openssl/pull/7011)
crypto/mem_sec.c
test/secmemtest.c