Eliminate unused buffers from ssl3_change_cipher_state

author Dmitry Belyavskiy <beldmit@gmail.com>

Wed, 2 Jan 2019 12:47:07 +0000 (15:47 +0300)

committer Matt Caswell <matt@openssl.org>

Thu, 3 Jan 2019 14:17:31 +0000 (14:17 +0000)
author Dmitry Belyavskiy <beldmit@gmail.com>
Wed, 2 Jan 2019 12:47:07 +0000 (15:47 +0300)
committer Matt Caswell <matt@openssl.org>
Thu, 3 Jan 2019 14:17:31 +0000 (14:17 +0000)
diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c

index 9af4ccb087dd94618710a643830a91f07252e941..4d884f47a203e2530630f4575ddd1e900d9cdd64 100644 (file)
--- a/ssl/s3_enc.c
+++ b/ssl/s3_enc.c
@@ -90,8 +90,6 @@ static int ssl3_generate_key_block(SSL *s, unsigned char *km, int num)
  int ssl3_change_cipher_state(SSL *s, int which)
  {
      unsigned char *p, *mac_secret;
-    unsigned char exp_key[EVP_MAX_KEY_LENGTH];
-    unsigned char exp_iv[EVP_MAX_IV_LENGTH];
      unsigned char *ms, *key, *iv;
      EVP_CIPHER_CTX *dd;
      const EVP_CIPHER *c;
@@ -239,12 +237,8 @@ int ssl3_change_cipher_state(SSL *s, int which)
      }
  
      s->statem.enc_write_state = ENC_WRITE_STATE_VALID;
-    OPENSSL_cleanse(exp_key, sizeof(exp_key));
-    OPENSSL_cleanse(exp_iv, sizeof(exp_iv));
      return 1;
   err:
-    OPENSSL_cleanse(exp_key, sizeof(exp_key));
-    OPENSSL_cleanse(exp_iv, sizeof(exp_iv));
      return 0;
  }
author	Dmitry Belyavskiy <beldmit@gmail.com>
	Wed, 2 Jan 2019 12:47:07 +0000 (15:47 +0300)
committer	Matt Caswell <matt@openssl.org>
	Thu, 3 Jan 2019 14:17:31 +0000 (14:17 +0000)