diff --git a/lib/hcrypto/des.c b/lib/hcrypto/des.c index ac174180f..32f87b471 100644 --- a/lib/hcrypto/des.c +++ b/lib/hcrypto/des.c @@ -851,7 +851,7 @@ DES_string_to_key(const char *str, DES_cblock *key) k[7] ^= 0xF0; DES_set_key(key, &ks); DES_cbc_cksum(s, key, len, &ks, key); - memset(&ks, 0, sizeof(ks)); + memset_s(&ks, sizeof(ks), 0, sizeof(ks)); DES_set_odd_parity(key); if (DES_is_weak_key(key)) k[7] ^= 0xF0; diff --git a/lib/hcrypto/dh.c b/lib/hcrypto/dh.c index 5d2d214f7..b3b25e518 100644 --- a/lib/hcrypto/dh.c +++ b/lib/hcrypto/dh.c @@ -145,7 +145,7 @@ DH_free(DH *dh) free_if(dh->counter); #undef free_if - memset(dh, 0, sizeof(*dh)); + memset_s(dh, sizeof(*dh), 0, sizeof(*dh)); free(dh); } diff --git a/lib/hcrypto/dsa.c b/lib/hcrypto/dsa.c index bbb34601c..eac0ae649 100644 --- a/lib/hcrypto/dsa.c +++ b/lib/hcrypto/dsa.c @@ -70,7 +70,7 @@ DSA_free(DSA *dsa) free_if(dsa->r); #undef free_if - memset(dsa, 0, sizeof(*dsa)); + memset_s(dsa, sizeof(*dsa), 0, sizeof(*dsa)); free(dsa); } diff --git a/lib/hcrypto/engine.c b/lib/hcrypto/engine.c index 3dae960fd..6a79b7c99 100644 --- a/lib/hcrypto/engine.c +++ b/lib/hcrypto/engine.c @@ -87,7 +87,7 @@ ENGINE_finish(ENGINE *engine) if (engine->dso_handle) dlclose(engine->dso_handle); - memset(engine, 0, sizeof(*engine)); + memset_s(engine, sizeof(*engine), 0, sizeof(*engine)); engine->references = -1; diff --git a/lib/hcrypto/evp-openssl.c b/lib/hcrypto/evp-openssl.c index a651184c6..ca02862bf 100644 --- a/lib/hcrypto/evp-openssl.c +++ b/lib/hcrypto/evp-openssl.c @@ -204,7 +204,7 @@ get_EVP_CIPHER_once_cb(void *d) */ ossl_evp = EVP_get_cipherbynid(arg->nid); if (ossl_evp == NULL) { - (void) memset(hc_evp, 0, sizeof(*hc_evp)); + (void) memset_s(hc_evp, sizeof(*hc_evp), 0, sizeof(*hc_evp)); #if HCRYPTO_FALLBACK *arg->hc_memoizep = arg->fallback; #endif @@ -348,7 +348,7 @@ get_EVP_MD_once_cb(void *d) *arg->ossl_memoizep = ossl_evp = EVP_get_digestbynid(arg->nid); if (ossl_evp == NULL) { - (void) memset(hc_evp, 0, sizeof(*hc_evp)); + (void) memset_s(hc_evp, sizeof(*hc_evp), 0, sizeof(*hc_evp)); #if HCRYPTO_FALLBACK *arg->hc_memoizep = arg->fallback; #endif diff --git a/lib/hcrypto/evp.c b/lib/hcrypto/evp.c index 9cced4c53..320e85283 100644 --- a/lib/hcrypto/evp.c +++ b/lib/hcrypto/evp.c @@ -189,12 +189,12 @@ EVP_MD_CTX_cleanup(EVP_MD_CTX *ctx) HC_DEPRECATED if (!ret) return ret; } else if (ctx->md) { - memset(ctx->ptr, 0, ctx->md->ctx_size); + memset_s(ctx->ptr, ctx->md->ctx_size, 0, ctx->md->ctx_size); } ctx->md = NULL; ctx->engine = NULL; free(ctx->ptr); - memset(ctx, 0, sizeof(*ctx)); + memset_s(ctx, sizeof(*ctx), 0, sizeof(*ctx)); return 1; } @@ -607,7 +607,7 @@ EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c) } if (c->cipher_data) { if (c->cipher) - memset(c->cipher_data, 0, c->cipher->ctx_size); + memset_s(c->cipher_data, c->cipher->ctx_size, 0, c->cipher->ctx_size); free(c->cipher_data); c->cipher_data = NULL; } @@ -905,7 +905,7 @@ EVP_CipherUpdate(EVP_CIPHER_CTX *ctx, void *out, int *outlen, /* fill in local buffer and encrypt */ memcpy(ctx->buf + ctx->buf_len, in, left); ret = (*ctx->cipher->do_cipher)(ctx, out, ctx->buf, blocksize); - memset(ctx->buf, 0, blocksize); + memset_s(ctx->buf, blocksize, 0, blocksize); if (ret != 1) return ret; @@ -966,7 +966,7 @@ EVP_CipherFinal_ex(EVP_CIPHER_CTX *ctx, void *out, int *outlen) /* zero fill local buffer */ memset(ctx->buf + ctx->buf_len, 0, left); ret = (*ctx->cipher->do_cipher)(ctx, out, ctx->buf, blocksize); - memset(ctx->buf, 0, blocksize); + memset_s(ctx->buf, blocksize, 0, blocksize); if (ret != 1) return ret; diff --git a/lib/hcrypto/hmac.c b/lib/hcrypto/hmac.c index 6b387ae90..adccee76b 100644 --- a/lib/hcrypto/hmac.c +++ b/lib/hcrypto/hmac.c @@ -46,17 +46,17 @@ void HMAC_CTX_cleanup(HMAC_CTX *ctx) { if (ctx->buf) { - memset(ctx->buf, 0, ctx->key_length); + memset_s(ctx->buf, ctx->key_length, 0, ctx->key_length); free(ctx->buf); ctx->buf = NULL; } if (ctx->opad) { - memset(ctx->opad, 0, EVP_MD_block_size(ctx->md)); + memset_s(ctx->opad, EVP_MD_block_size(ctx->md), 0, EVP_MD_block_size(ctx->md)); free(ctx->opad); ctx->opad = NULL; } if (ctx->ipad) { - memset(ctx->ipad, 0, EVP_MD_block_size(ctx->md)); + memset_s(ctx->ipad, EVP_MD_block_size(ctx->md), 0, EVP_MD_block_size(ctx->md)); free(ctx->ipad); ctx->ipad = NULL; } diff --git a/lib/hcrypto/md2.c b/lib/hcrypto/md2.c index da41e6d83..0170d416a 100644 --- a/lib/hcrypto/md2.c +++ b/lib/hcrypto/md2.c @@ -133,6 +133,6 @@ MD2_Final (void *res, struct md2 *m) MD2_Update(m, pad, 16); memcpy(res, m->state, MD2_DIGEST_LENGTH); - memset(m, 0, sizeof(*m)); + memset_s(m, sizeof(*m), 0, sizeof(*m)); return 1; } diff --git a/lib/hcrypto/passwd_dlg.c b/lib/hcrypto/passwd_dlg.c index 037fa7436..30721160a 100644 --- a/lib/hcrypto/passwd_dlg.c +++ b/lib/hcrypto/passwd_dlg.c @@ -77,11 +77,11 @@ pwd_dialog(char *buf, int size) { case IDOK: strlcpy(buf, passwd, size); - memset (passwd, 0, sizeof(passwd)); + memset_s (passwd, sizeof(passwd), 0, sizeof(passwd)); return 0; case IDCANCEL: default: - memset (passwd, 0, sizeof(passwd)); + memset_s (passwd, sizeof(passwd), 0, sizeof(passwd)); return 1; } } diff --git a/lib/hcrypto/rc2.c b/lib/hcrypto/rc2.c index 02b684cbd..53d32cf04 100644 --- a/lib/hcrypto/rc2.c +++ b/lib/hcrypto/rc2.c @@ -105,7 +105,7 @@ RC2_set_key(RC2_KEY *key, int len, const unsigned char *data, int bits) for (j = 0; j < 64; j++) key->data[j] = k[(j * 2) + 0] | (k[(j * 2) + 1] << 8); - memset(k, 0, sizeof(k)); + memset_s(k, sizeof(k), 0, sizeof(k)); } #define ROT16L(w,n) ((w<>(16-n))) diff --git a/lib/hcrypto/rsa.c b/lib/hcrypto/rsa.c index 6172b2541..61536466d 100644 --- a/lib/hcrypto/rsa.c +++ b/lib/hcrypto/rsa.c @@ -160,7 +160,7 @@ RSA_free(RSA *rsa) free_if(rsa->iqmp); #undef free_if - memset(rsa, 0, sizeof(*rsa)); + memset_s(rsa, sizeof(*rsa), 0, sizeof(*rsa)); free(rsa); }