From: Dmitry Belyavskiy Date: Wed, 2 Jan 2019 12:47:07 +0000 (+0300) Subject: Eliminate unused buffers from ssl3_change_cipher_state X-Git-Tag: OpenSSL_1_1_1b~101 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=d7389c8261b5c9ca8cfd2b7d3e58f24c9003f650;p=oweals%2Fopenssl.git Eliminate unused buffers from ssl3_change_cipher_state Reviewed-by: Tim Hudson Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/7971) (cherry picked from commit 9c5ef4ea486f675f33592b34775c3e453f60ee69) --- diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c index fca84ef99a..d0acf29170 100644 --- a/ssl/s3_enc.c +++ b/ssl/s3_enc.c @@ -90,8 +90,6 @@ static int ssl3_generate_key_block(SSL *s, unsigned char *km, int num) int ssl3_change_cipher_state(SSL *s, int which) { unsigned char *p, *mac_secret; - unsigned char exp_key[EVP_MAX_KEY_LENGTH]; - unsigned char exp_iv[EVP_MAX_IV_LENGTH]; unsigned char *ms, *key, *iv; EVP_CIPHER_CTX *dd; const EVP_CIPHER *c; @@ -239,12 +237,8 @@ int ssl3_change_cipher_state(SSL *s, int which) } s->statem.enc_write_state = ENC_WRITE_STATE_VALID; - OPENSSL_cleanse(exp_key, sizeof(exp_key)); - OPENSSL_cleanse(exp_iv, sizeof(exp_iv)); return 1; err: - OPENSSL_cleanse(exp_key, sizeof(exp_key)); - OPENSSL_cleanse(exp_iv, sizeof(exp_iv)); return 0; }