From: Richard Levitte <levitte@openssl.org>
Date: Mon, 4 Apr 2016 14:55:12 +0000 (+0200)
Subject: Make sure the rand_byte buffer in padlock engine is cleansed.
X-Git-Tag: OpenSSL_1_1_0-pre5~144
X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=6c13488c4e75ef839bc07a3ce428289aef4bd267;p=oweals%2Fopenssl.git

Make sure the rand_byte buffer in padlock engine is cleansed.

Submitted by Michael McConville <mmcco@mykolab.com>

Reviewed-by: Rich Salz <rsalz@openssl.org>
---

diff --git a/engines/e_padlock.c b/engines/e_padlock.c
index 96e7483729..f474f50ca7 100644
--- a/engines/e_padlock.c
+++ b/engines/e_padlock.c
@@ -776,7 +776,7 @@ static int padlock_rand_bytes(unsigned char *output, int count)
         *output++ = (unsigned char)buf;
         count--;
     }
-    *(volatile unsigned int *)&buf = 0;
+    OPENSSL_cleanse(&buf, sizeof(buf));
 
     return 1;
 }