Make BN_clear_free a wrapper around BN_free.

We clear all heap memory on free now, thus the difference between these
functions is quite small. There are some differences though:

Firstly, BN_clear_free will attempt to zero out static limb data.  But
static data is probably read-only and thus trying to zero it will crash.

Secondly it will try to zero out the BIGNUM structure itself. But either
it's on the heap, and will be zeroed anyway, or else it's on the stack,
and we don't try and clear the stack in general because the compiler is
duplicating bits of it at will anyway.

Change-Id: I8a07385a102cfd308b555432942225c25eb7c12d
Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/45084
Reviewed-by: David Benjamin <davidben@google.com>
chromium-5359
Adam Langley 4 years ago committed by Adam Langley
parent c5e2cf3c07
commit 2d691ca60d
  1. 21
      crypto/fipsmodule/bn/bn.c

@ -101,26 +101,7 @@ void BN_free(BIGNUM *bn) {
}
void BN_clear_free(BIGNUM *bn) {
char should_free;
if (bn == NULL) {
return;
}
if (bn->d != NULL) {
if ((bn->flags & BN_FLG_STATIC_DATA) == 0) {
OPENSSL_free(bn->d);
} else {
OPENSSL_cleanse(bn->d, bn->dmax * sizeof(bn->d[0]));
}
}
should_free = (bn->flags & BN_FLG_MALLOCED) != 0;
if (should_free) {
OPENSSL_free(bn);
} else {
OPENSSL_cleanse(bn, sizeof(BIGNUM));
}
BN_free(bn);
}
BIGNUM *BN_dup(const BIGNUM *src) {
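Review bot: In BN_clear_free, reducing the body to a single BN_free(bn) call silently drops two behaviours that callers may still assume from the function's name, and nothing in the code records that. The old body ran OPENSSL_cleanse(bn->d, bn->dmax * sizeof(bn->d[0])) when BN_FLG_STATIC_DATA was set, and OPENSSL_cleanse(bn, sizeof(BIGNUM)) when BN_FLG_MALLOCED was not set. The commit message justifies removing both, but a reader of bn.c sees only a function called "clear" that no longer clears anything itself. I would add a short comment above BN_clear_free stating that it is now identical to BN_free, that zeroing relies on OPENSSL_free clearing heap memory, and that static limb data and non-heap BIGNUM structures are not wiped. If the public header documents BN_clear_free as zeroing the value, that text should be updated in the same change so that a caller holding secret material in a static or stack-backed BIGNUM knows to cleanse it explicitly.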
