From f13663bcc1a0d7b86a29e52e0a0d5bd746bc4d21 Mon Sep 17 00:00:00 2001
From: Mike DePaulo <mikedep333@gmail.com>
Date: Mon, 1 Sep 2014 17:44:28 -0400
Subject: Update OpenSSL from 1.0.1h to 1.0.1i

---
 openssl/crypto/bn/bn_lib.c | 9 +++++++++
 1 file changed, 9 insertions(+)

(limited to 'openssl/crypto/bn/bn_lib.c')

diff --git a/openssl/crypto/bn/bn_lib.c b/openssl/crypto/bn/bn_lib.c
index 5461e6ee7..d5a211e28 100644
--- a/openssl/crypto/bn/bn_lib.c
+++ b/openssl/crypto/bn/bn_lib.c
@@ -320,6 +320,15 @@ static BN_ULONG *bn_expand_internal(const BIGNUM *b, int words)
 		BNerr(BN_F_BN_EXPAND_INTERNAL,ERR_R_MALLOC_FAILURE);
 		return(NULL);
 		}
+#ifdef PURIFY
+	/* Valgrind complains in BN_consttime_swap because we process the whole
+	 * array even if it's not initialised yet. This doesn't matter in that
+	 * function - what's important is constant time operation (we're not
+	 * actually going to use the data)
+	*/
+	memset(a, 0, sizeof(BN_ULONG)*words);
+#endif
+
 #if 1
 	B=b->d;
 	/* Check if the previous number needs to be copied */
-- 
cgit v1.2.3