The branch master has been updated
via 858d5ac16d256db24f78b8c84e723b7d34c8b1ea (commit)
from 61fa00a4d03f6808389bc1847937f72d184f0627 (commit)
- Log -----------------------------------------------------------------
commit 858d5ac16d256db24f78b8c84e723b7d34c8b1ea
Author: Tomas Mraz <to...@openssl.org>
Date: Wed Dec 8 18:26:03 2021 +0100
bn2binpad: Use memset as the buffer will be used later
Apparently using OPENSSL_cleanse() confuses the fuzzer so it
makes the buffer to appear uninitialized. And memset can be
safely used here and it is also potentially faster.
Fixes #17237
Reviewed-by: Bernd Edlinger <bernd.edlin...@hotmail.de>
(Merged from https://github.com/openssl/openssl/pull/17240)
-----------------------------------------------------------------------
Summary of changes:
crypto/bn/bn_lib.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/crypto/bn/bn_lib.c b/crypto/bn/bn_lib.c
index 28a3e91679..d37b89c2a6 100644
--- a/crypto/bn/bn_lib.c
+++ b/crypto/bn/bn_lib.c
@@ -505,7 +505,8 @@ int bn2binpad(const BIGNUM *a, unsigned char *to, int
tolen, endianess_t endiane
/* Swipe through whole available data and don't give away padded zero. */
atop = a->dmax * BN_BYTES;
if (atop == 0) {
- OPENSSL_cleanse(to, tolen);
+ if (tolen != 0)
+ memset(to, '\0', tolen);
return tolen;
}
