bn2binpad: Use memset as the buffer will be used later

Apparently using OPENSSL_cleanse() confuses the fuzzer so it makes the buffer to appear uninitialized. And memset can be safely used here and it is also potentially faster. Fixes openssl#17237 Reviewed-by: Bernd Edlinger <[email protected]> (Merged from openssl#17240)
eckserah · Dec 13, 2021 · 858d5ac · 858d5ac
1 parent 61fa00a
commit 858d5ac
Showing 1 changed file with 2 additions and 1 deletion.
diff --git a/crypto/bn/bn_lib.c b/crypto/bn/bn_lib.c
@@ -505,7 +505,8 @@ int bn2binpad(const BIGNUM *a, unsigned char *to, int tolen, endianess_t endiane
     /* Swipe through whole available data and don't give away padded zero. */
     atop = a->dmax * BN_BYTES;
     if (atop == 0) {
-        OPENSSL_cleanse(to, tolen);
+        if (tolen != 0)
+            memset(to, '\0', tolen);
         return tolen;
     }