On 3 July 2014 23:04, Salz, Rich <rs...@akamai.com> wrote: > Why not just have bn_expand_internal call memset?
Exactly, this makes more sense. > > ; git diff bn_lib.c > diff --git a/crypto/bn/bn_lib.c b/crypto/bn/bn_lib.c > index b1e224b..86d1d37 100644 > --- a/crypto/bn/bn_lib.c > +++ b/crypto/bn/bn_lib.c > @@ -324,6 +324,9 @@ static BN_ULONG *bn_expand_internal(const BIGNUM *b, int > words) > BNerr(BN_F_BN_EXPAND_INTERNAL,ERR_R_MALLOC_FAILURE); > return(NULL); > } > +#ifdef PURIFY > + memset(a, 0, sizeof(BN_ULONG)*words); > +#endif > #if 1 > B=b->d; > /* Check if the previous number needs to be copied */ > ; > > -- > Principal Security Engineer > Akamai Technologies, Cambridge, MA > IM: rs...@jabber.me; Twitter: RichSalz > ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List openssl-dev@openssl.org Automated List Manager majord...@openssl.org
