Use OPENSSL_secure_clear_free in PEM_read_bio_PrivateKey and PEM_read_bio_ex

Reviewed-by: Rich Salz <rsalz@openssl.org>
(Merged from https://github.com/openssl/openssl/pull/4044)

diff --git a/crypto/pem/pem_lib.c b/crypto/pem/pem_lib.c
index 2a52aca3b703ec9864ec597ab53abb4f48d8aa11..cfe2fa6fac6482353030ba2c6e4a23b8ea1d1770 100644 (file)
--- a/crypto/pem/pem_lib.c
+++ b/crypto/pem/pem_lib.c
@@ -220,10 +220,10 @@ static int check_pem(const char *nm, const char *name)
     return 0;
 }
 
-static void pem_free(void *p, unsigned int flags)
+static void pem_free(void *p, unsigned int flags, size_t num)
 {
     if (flags & PEM_FLAG_SECURE)
-        OPENSSL_secure_free(p);
+        OPENSSL_secure_clear_free(p, num);
     else
         OPENSSL_free(p);
 }
@@ -242,13 +242,13 @@ static int pem_bytes_read_bio_flags(unsigned char **pdata, long *plen,
     EVP_CIPHER_INFO cipher;
     char *nm = NULL, *header = NULL;
     unsigned char *data = NULL;
-    long len;
+    long len = 0;
     int ret = 0;
 
     do {
-        pem_free(nm, flags);
-        pem_free(header, flags);
-        pem_free(data, flags);
+        pem_free(nm, flags, 0);
+        pem_free(header, flags, 0);
+        pem_free(data, flags, len);
         if (!PEM_read_bio_ex(bp, &nm, &header, &data, &len, flags)) {
             if (ERR_GET_REASON(ERR_peek_error()) == PEM_R_NO_START_LINE)
                 ERR_add_error_data(2, "Expecting: ", name);
@@ -270,10 +270,10 @@ static int pem_bytes_read_bio_flags(unsigned char **pdata, long *plen,
 
  err:
     if (!ret || pnm == NULL)
-        pem_free(nm, flags);
-    pem_free(header, flags);
+        pem_free(nm, flags, 0);
+    pem_free(header, flags, 0);
     if (!ret)
-        pem_free(data, flags);
+        pem_free(data, flags, len);
     return ret;
 }
 
@@ -767,7 +767,7 @@ static int get_name(BIO *bp, char **name, unsigned int flags)
     ret = 1;
 
 err:
-    pem_free(linebuf, flags);
+    pem_free(linebuf, flags, LINESIZE + 1);
     return ret;
 }
 
@@ -875,7 +875,7 @@ static int get_header_and_data(BIO *bp, BIO **header, BIO **data, char *name,
 
     ret = 1;
 err:
-    pem_free(linebuf, flags);
+    pem_free(linebuf, flags, LINESIZE + 1);
     return ret;
 }
 
@@ -943,8 +943,8 @@ int PEM_read_bio_ex(BIO *bp, char **name_out, char **header,
     *header = pem_malloc(headerlen + 1, flags);
     *data = pem_malloc(len, flags);
     if (*header == NULL || *data == NULL) {
-        pem_free(*header, flags);
-        pem_free(*data, flags);
+        pem_free(*header, flags, 0);
+        pem_free(*data, flags, 0);
         goto end;
     }
     BIO_read(headerB, *header, headerlen);
@@ -957,7 +957,7 @@ int PEM_read_bio_ex(BIO *bp, char **name_out, char **header,
 
 end:
     EVP_ENCODE_CTX_free(ctx);
-    pem_free(name, flags);
+    pem_free(name, flags, 0);
     BIO_free(headerB);
     BIO_free(dataB);
     return ret;

diff --git a/crypto/pem/pem_pkey.c b/crypto/pem/pem_pkey.c
index 42ec933efdbad8b0ceb408e7405eb4dc9a31fe1e..ffceb69f0b36672d201a14b0a35939c6ae49eb04 100644 (file)
--- a/crypto/pem/pem_pkey.c
+++ b/crypto/pem/pem_pkey.c
@@ -88,7 +88,7 @@ EVP_PKEY *PEM_read_bio_PrivateKey(BIO *bp, EVP_PKEY **x, pem_password_cb *cb,
         PEMerr(PEM_F_PEM_READ_BIO_PRIVATEKEY, ERR_R_ASN1_LIB);
  err:
     OPENSSL_secure_free(nm);
-    OPENSSL_secure_free(data);
+    OPENSSL_secure_clear_free(data, len);
     return (ret);
 }