Zero memory in CRYPTO_secure_malloc.
This commit destroys the free list pointers which would otherwise be present in the returned memory blocks. This in turn helps prevent information leakage from the secure memory area. Note: CRYPTO_secure_malloc is not guaranteed to return zeroed memory: before the secure memory system is initialised or if it isn't implemented. [manual merge of #7011] Reviewed-by: Matthias St. Pierre <Matthias.St.Pierre@ncp-e.com> (Merged from https://github.com/openssl/openssl/pull/7026)
parent
8255fd0f
Please register or sign in to comment