From 2d691ca60ddb535a7a54fb07fd2252bd6017bee7 Mon Sep 17 00:00:00 2001 From: Adam Langley Date: Tue, 19 Jan 2021 14:11:16 -0800 Subject: [PATCH] Make BN_clear_free a wrapper around BN_free. We clear all heap memory on free now, thus the difference between these functions is quite small. There are some differences though: Firstly, BN_clear_free will attempt to zero out static limb data. But static data is probably read-only and thus trying to zero it will crash. Secondly it will try to zero out the BIGNUM structure itself. But either it's on the heap, and will be zeroed anyway, or else it's on the stack, and we don't try and clear the stack in general because the compiler is duplicating bits of it at will anyway. Change-Id: I8a07385a102cfd308b555432942225c25eb7c12d Reviewed-on: https://boringssl-review.googlesource.com/c/boringssl/+/45084 Reviewed-by: David Benjamin --- crypto/fipsmodule/bn/bn.c | 21 +-------------------- 1 file changed, 1 insertion(+), 20 deletions(-) diff --git a/crypto/fipsmodule/bn/bn.c b/crypto/fipsmodule/bn/bn.c index e3f1c9007..4bed2d339 100644 --- a/crypto/fipsmodule/bn/bn.c +++ b/crypto/fipsmodule/bn/bn.c @@ -101,26 +101,7 @@ void BN_free(BIGNUM *bn) { } void BN_clear_free(BIGNUM *bn) { - char should_free; - - if (bn == NULL) { - return; - } - - if (bn->d != NULL) { - if ((bn->flags & BN_FLG_STATIC_DATA) == 0) { - OPENSSL_free(bn->d); - } else { - OPENSSL_cleanse(bn->d, bn->dmax * sizeof(bn->d[0])); - } - } - - should_free = (bn->flags & BN_FLG_MALLOCED) != 0; - if (should_free) { - OPENSSL_free(bn); - } else { - OPENSSL_cleanse(bn, sizeof(BIGNUM)); - } + BN_free(bn); } BIGNUM *BN_dup(const BIGNUM *src) {