From 9c5ef4ea486f675f33592b34775c3e453f60ee69 Mon Sep 17 00:00:00 2001 From: Dmitry Belyavskiy Date: Wed, 2 Jan 2019 15:47:07 +0300 Subject: [PATCH] Eliminate unused buffers from ssl3_change_cipher_state Reviewed-by: Tim Hudson Reviewed-by: Matt Caswell (Merged from https://github.com/openssl/openssl/pull/7971) --- ssl/s3_enc.c | 6 ------ 1 file changed, 6 deletions(-) diff --git a/ssl/s3_enc.c b/ssl/s3_enc.c index 9af4ccb087..4d884f47a2 100644 --- a/ssl/s3_enc.c +++ b/ssl/s3_enc.c @@ -90,8 +90,6 @@ static int ssl3_generate_key_block(SSL *s, unsigned char *km, int num) int ssl3_change_cipher_state(SSL *s, int which) { unsigned char *p, *mac_secret; - unsigned char exp_key[EVP_MAX_KEY_LENGTH]; - unsigned char exp_iv[EVP_MAX_IV_LENGTH]; unsigned char *ms, *key, *iv; EVP_CIPHER_CTX *dd; const EVP_CIPHER *c; @@ -239,12 +237,8 @@ int ssl3_change_cipher_state(SSL *s, int which) } s->statem.enc_write_state = ENC_WRITE_STATE_VALID; - OPENSSL_cleanse(exp_key, sizeof(exp_key)); - OPENSSL_cleanse(exp_iv, sizeof(exp_iv)); return 1; err: - OPENSSL_cleanse(exp_key, sizeof(exp_key)); - OPENSSL_cleanse(exp_iv, sizeof(exp_iv)); return 0; } -- 2.25.1