Re: [openssl.org #2910] OPENSSL_cleanse called with wrong size

On 2012-11-08, at 6:57 AM, Kees Cook via RT wrote: > http://www.viva64.com/en/b/0178/ > > OPENSSL_cleanse is being called with pointer size instead of the buffer > size in some places. > For example crypto/des/des.c: > > void doencryption(void) > ... >static unsigned char *buf=NULL,*obuf

[openssl.org #2910] OPENSSL_cleanse called with wrong size

http://www.viva64.com/en/b/0178/ OPENSSL_cleanse is being called with pointer size instead of the buffer size in some places. For example crypto/des/des.c: void doencryption(void) ... static unsigned char *buf=NULL,*obuf=NULL; ... OPENSSL_cleanse(buf,sizeof(buf)); OPENSSL