]> git.ipfire.org Git - thirdparty/openssl.git/commitdiff
projects / thirdparty / openssl.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: d315ac4)
Change free call to secure free call.
authorPauli <paul.dale@oracle.com>
Sun, 8 Mar 2026 10:24:23 +0000 (21:24 +1100)
committerNeil Horman <nhorman@openssl.org>
Tue, 10 Mar 2026 15:08:29 +0000 (11:08 -0400)
Freeing secure memory using OPENSSL_free causes badness.  Use the proper
free call instead.

Fixes #30302

Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org>
Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
Reviewed-by: Nikola Pajkovsky <nikolap@openssl.org>
MergeDate: Tue Mar 10 15:08:36 2026
(Merged from https://github.com/openssl/openssl/pull/30305)

crypto/ml_dsa/ml_dsa_key.c patch | blob | blame | history

diff --git a/crypto/ml_dsa/ml_dsa_key.c b/crypto/ml_dsa/ml_dsa_key.c
index fdbd3eec6c5747a836f730acb654b8e2579b0dbc..18a520dba72054622b51d9619abbb14f294a4485 100644 (file)
--- a/crypto/ml_dsa/ml_dsa_key.c
+++ b/crypto/ml_dsa/ml_dsa_key.c
@@ -492,7 +492,7 @@ int ossl_ml_dsa_generate_key(ML_DSA_KEY *out)
                 "explicit %s private key does not match seed",
                 out->params->alg);
         }
-        OPENSSL_free(sk);
+        OPENSSL_secure_clear_free(sk, out->params->sk_len);
     }
     return ret;
 }
Mirror of https://github.com/openssl/openssl.git