[openssl-commits] [openssl] master update

Rich Salz rsalz at openssl.org
Sun Feb 28 14:41:32 UTC 2016

The branch master has been updated
       via  412bafdcf5621603e91c862025be4c0f1d38bd81 (commit)
       via  91a61513a80a7710db5f61a61a815c945443b65a (commit)
      from  687237e93dd21e4656f1e166c098da1c67d99485 (commit)

- Log -----------------------------------------------------------------
commit 412bafdcf5621603e91c862025be4c0f1d38bd81
Author: Rich Salz <rsalz at akamai.com>
Date:   Thu Feb 25 16:34:27 2016 -0500

    GH715: Missed some null-check-removals.
    Reviewed-by: Richard Levitte <levitte at openssl.org>

commit 91a61513a80a7710db5f61a61a815c945443b65a
Author: Jeffrey Walton <noloader at gmail.com>
Date:   Fri Feb 26 20:44:35 2016 -0500

    RT4351: Update doc for OPENSSL_cleanse
    Reviewed-by: Richard Levitte <levitte at openssl.org>


Summary of changes:
 crypto/rsa/rsa_lib.c          |  9 +++------
 doc/crypto/OPENSSL_malloc.pod | 12 ++++++++++--
 2 files changed, 13 insertions(+), 8 deletions(-)

diff --git a/crypto/rsa/rsa_lib.c b/crypto/rsa/rsa_lib.c
index b049d0b..8b50157 100644
--- a/crypto/rsa/rsa_lib.c
+++ b/crypto/rsa/rsa_lib.c
@@ -154,8 +154,7 @@ RSA *RSA_new_method(ENGINE *engine)
     ret->flags = ret->meth->flags & ~RSA_FLAG_NON_FIPS_ALLOW;
     if (!CRYPTO_new_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data)) {
-        if (ret->engine)
-            ENGINE_finish(ret->engine);
+        ENGINE_finish(ret->engine);
         return (NULL);
@@ -163,8 +162,7 @@ RSA *RSA_new_method(ENGINE *engine)
     if ((ret->meth->init != NULL) && !ret->meth->init(ret)) {
-        if (ret->engine)
-            ENGINE_finish(ret->engine);
+        ENGINE_finish(ret->engine);
         CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, ret, &ret->ex_data);
@@ -189,8 +187,7 @@ void RSA_free(RSA *r)
     if (r->meth->finish)
-    if (r->engine)
-        ENGINE_finish(r->engine);
+    ENGINE_finish(r->engine);
     CRYPTO_free_ex_data(CRYPTO_EX_INDEX_RSA, r, &r->ex_data);
diff --git a/doc/crypto/OPENSSL_malloc.pod b/doc/crypto/OPENSSL_malloc.pod
index 04fa0b7..e0271ca 100644
--- a/doc/crypto/OPENSSL_malloc.pod
+++ b/doc/crypto/OPENSSL_malloc.pod
@@ -4,7 +4,7 @@
 OPENSSL_malloc, OPENSSL_zalloc, OPENSSL_realloc, OPENSSL_free,
-OPENSSL_clear_realloc, OPENSSL_clear_free,
+OPENSSL_clear_realloc, OPENSSL_clear_free, OPENSSL_cleanse
 CRYPTO_malloc, CRYPTO_zalloc, CRYPTO_realloc, CRYPTO_free,
 OPENSSL_strdup, OPENSSL_strndup,
 OPENSSL_memdup, OPENSSL_strlcpy, OPENSSL_strlcat,
@@ -84,9 +84,17 @@ OPENSSL_zalloc() calls memset() to zero the memory before returning.
 OPENSSL_clear_realloc() and OPENSSL_clear_free() should be used
 when the buffer at B<addr> holds sensitive information.
-The old buffer is filled with arbitrary data by calling OPENSSL_cleanse()
+The old buffer is filled with zero's by calling OPENSSL_cleanse()
 before ultimately calling OPENSSL_free().
+OPENSSL_cleanse() fills B<ptr> of size B<len> with a string of 0's.
+Use OPENSSL_cleanse() with care if the memory is a mapping of a file.
+If the storage controller uses write compression, then its possible 
+that sensitive tail bytes will survive zeroization because the block of 
+zeros will be compressed. If the storage controller uses wear leveling, 
+then the old sensitive data will not be overwritten; rather, a block of 
+0's will be written at a new physical location.
 OPENSSL_strdup(), OPENSSL_strndup() and OPENSSL_memdup() are like the
 equivalent C functions, except that memory is allocated by calling the
 OPENSSL_malloc() and should be releaed by calling OPENSSL_free().

More information about the openssl-commits mailing list