26 lines
675 B
Diff
26 lines
675 B
Diff
--- openssl-1.1.1l/crypto/fips/fips.c
|
|
+++ openssl-1.1.1l/crypto/fips/fips.c
|
|
@@ -350,6 +350,10 @@ static int FIPSCHECK_verify(const char *
|
|
if (strcmp(hex, hmac) != 0) {
|
|
rv = -1;
|
|
}
|
|
+ if (hmaclen != 0) {
|
|
+ OPENSSL_cleanse(buf, hmaclen);
|
|
+ OPENSSL_cleanse(hex, hmaclen * 2 + 1);
|
|
+ }
|
|
free(buf);
|
|
free(hex);
|
|
} else {
|
|
@@ -357,7 +360,11 @@ static int FIPSCHECK_verify(const char *
|
|
}
|
|
|
|
end:
|
|
+ if (n != 0)
|
|
+ OPENSSL_cleanse(hmac, n);
|
|
free(hmac);
|
|
+ if (strlen(hmacpath) != 0)
|
|
+ OPENSSL_cleanse(hmacpath, strlen(hmacpath));
|
|
free(hmacpath);
|
|
fclose(hf);
|
|
|