From: Geoff Thorpe Date: Fri, 6 Jun 2003 17:51:34 +0000 (+0000) Subject: This memset() in the ubsec ENGINE is a bug. Zeroing out the result array X-Git-Tag: BEN_FIPS_TEST_1~38^2~72 X-Git-Url: https://git.librecmc.org/?a=commitdiff_plain;h=dcfb57c736c2591c80b40d40e5f3a664882fb738;p=oweals%2Fopenssl.git This memset() in the ubsec ENGINE is a bug. Zeroing out the result array should not be necessary in any case, but more importantly the result and input BIGNUMs could be the same, in which case this is clearly a problem. Submitted by: Jonathan Hersch Reviewed by: Joe Orton Approved by: Geoff Thorpe --- diff --git a/engines/e_ubsec.c b/engines/e_ubsec.c index 02927d7b38..b019714a56 100644 --- a/engines/e_ubsec.c +++ b/engines/e_ubsec.c @@ -566,7 +566,6 @@ static int ubsec_mod_exp(BIGNUM *r, const BIGNUM *a, const BIGNUM *p, UBSECerr(UBSEC_F_UBSEC_MOD_EXP, UBSEC_R_BN_EXPAND_FAIL); return 0; } - memset(r->d, 0, BN_num_bytes(m)); if ((fd = p_UBSEC_ubsec_open(UBSEC_KEY_DEVICE_NAME)) <= 0) { fd = 0;