wbrawner/openssl
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

cleanse psk_identity on error

Browse source 
Reviewed-by: Matt Caswell <matt@openssl.org>
This commit is contained in:
Dr. Stephen Henson 2015-07-28 16:13:29 +01:00
parent a784665e52
commit 3df16cc2e2
1 changed files with 6 additions and 2 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

8
ssl/s3_clnt.c
View file

@ -2391,8 +2391,10 @@ int ssl3_send_client_key_exchange(SSL *s)
s->s3->tmp.psk = BUF_memdup(psk, psklen);
OPENSSL_cleanse(psk, psklen);
if (s->s3->tmp.psk == NULL)
if (s->s3->tmp.psk == NULL) {
OPENSSL_cleanse(identity, sizeof(identity));
goto memerr;
}
s->s3->tmp.psklen = psklen;
@ -2404,8 +2406,10 @@ int ssl3_send_client_key_exchange(SSL *s)
}
OPENSSL_free(s->session->psk_identity);
s->session->psk_identity = BUF_strdup(identity);
if (s->session->psk_identity == NULL)
if (s->session->psk_identity == NULL) {
OPENSSL_cleanse(identity, sizeof(identity));
goto memerr;
}
s2n(identitylen, p);
memcpy(p, identity, identitylen);