From cff7d199e0dc51ae939de5fb7702aab2a9ef30fc Mon Sep 17 00:00:00 2001 From: Pauli Date: Wed, 20 Nov 2019 13:20:01 +1000 Subject: [PATCH] ECDSA: don't clear free memory after verify. Verifications are public, there is no need to clear the used storage before freeing it. Reviewed-by: Richard Levitte (Merged from https://github.com/openssl/openssl/pull/10475) --- crypto/ec/ecdsa_ossl.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/crypto/ec/ecdsa_ossl.c b/crypto/ec/ecdsa_ossl.c index 5593d5d68c..8de22ba910 100644 --- a/crypto/ec/ecdsa_ossl.c +++ b/crypto/ec/ecdsa_ossl.c @@ -344,7 +344,7 @@ int ossl_ecdsa_verify(int type, const unsigned char *dgst, int dgst_len, goto err; ret = ECDSA_do_verify(dgst, dgst_len, s, eckey); err: - OPENSSL_clear_free(der, derlen); + OPENSSL_free(der); ECDSA_SIG_free(s); return ret; } -- 2.25.1