Skip Menu |

This queue is for tickets about the Net-SSLeay CPAN distribution.

Report information
The Basics
Id: 116599
Status: resolved
Priority: 0/
Queue: Net-SSLeay

Owner: RADIATOR [...]
Requestors: nanis [...]

Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: 1.86_07

Subject: memset calls to zero memory can be optimized away
Date: Sun, 31 Jul 2016 08:14:12 -0400
To: bug-Net-SSLeay [...]
From: "A. Sinan Unur" <nanis [...]>
Download (untitled) / with headers
text/plain 821b
See C11 provides memset_s which may not be available on a lot of platforms. VC provides SecureZeroMemory (see <>). OpenSSL provides a function OPENSSL_cleanse (see <>) among others. A search of the OpenSSL repo shows OPENSSL_cleans is used throughout the source. C:\Users\sinan\.cpanm\work\1469964982.3552\Net-SSLeay-1.76> findstr /ns memset *.xs SSLeay.xs:1315: memset(key_name, 0, sizeof(key_name)); SSLeay.xs:1320: memset(new_name, 0, sizeof(new_name)); SSLeay.xs:1367: memset(&t,0,sizeof(t));
Download (untitled) / with headers
text/plain 416b
On Sun 31.heinä 2016 08:14:24, wrote: Show quoted text
> OpenSSL provides a function OPENSSL_cleanse (see > <>) > among others.
I chose OPENSSL_cleanse because it's available on all supported library versions. A patch is available at Github via issue 102: Thanks! -- Heikki Vatiainen

This service is sponsored and maintained by Best Practical Solutions and runs on infrastructure.

Please report any issues with to