[openssl-commits] [openssl] master update
Rich Salz
rsalz at openssl.org
Tue Nov 8 22:39:36 UTC 2016
The branch master has been updated
via e5e71f2857275189577ab7b227608ab4ec985471 (commit)
from 513d76f495a256daf5c70f3c96f8fddc84c84c6a (commit)
- Log -----------------------------------------------------------------
commit e5e71f2857275189577ab7b227608ab4ec985471
Author: Rich Salz <rsalz at openssl.org>
Date: Tue Nov 8 15:56:04 2016 -0500
Zero stack variable with DSA nonce
Thanks to Falko Strenzke for bringing this to our attention.
Reviewed-by: Andy Polyakov <appro at openssl.org>
(Merged from https://github.com/openssl/openssl/pull/1882)
-----------------------------------------------------------------------
Summary of changes:
crypto/bn/bn_rand.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/crypto/bn/bn_rand.c b/crypto/bn/bn_rand.c
index c577fd1..9ce4c5f 100644
--- a/crypto/bn/bn_rand.c
+++ b/crypto/bn/bn_rand.c
@@ -253,5 +253,6 @@ int BN_generate_dsa_nonce(BIGNUM *out, const BIGNUM *range,
err:
OPENSSL_free(k_bytes);
+ OPENSSL_cleanse(private_bytes, sizeof(private_bytes));
return ret;
}
More information about the openssl-commits
mailing list