From: Richard Levitte <levitte@openssl.org>
Date: Wed, 21 May 2003 14:35:04 +0000 (+0000)
Subject: Cleanse the MD context properly when done adding or getting random data.
X-Git-Tag: OpenSSL_0_9_6k~31
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=528c1ad2aee55aa26e0641a561f4cc01a6077116;p=oweals%2Fopenssl.git

Cleanse the MD context properly when done adding or getting random data.
PR: 619
---

diff --git a/crypto/rand/md_rand.c b/crypto/rand/md_rand.c
index 5df32b4fe6..334e0bbfb1 100644
--- a/crypto/rand/md_rand.c
+++ b/crypto/rand/md_rand.c
@@ -292,7 +292,7 @@ static void ssleay_rand_add(const void *buf, int num, double add)
 				st_idx=0;
 			}
 		}
-	memset((char *)&m,0,sizeof(m));
+	OPENSSL_cleanse((char *)&m,0,sizeof(m));
 
 	if (!do_not_lock) CRYPTO_w_lock(CRYPTO_LOCK_RAND);
 	/* Don't just copy back local_md into md -- this could mean that
@@ -493,7 +493,7 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
 	MD_Final(md,&m);
 	CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
 
-	memset(&m,0,sizeof(m));
+	OPENSSL_cleanse(&m,0,sizeof(m));
 	if (ok)
 		return(1);
 	else