Commit 4adb40393c for openssl.org
commit 4adb40393c073fd5ac34495efd083e981a6a6d69
Author: dann frazier <dann.frazier@chainguard.dev>
Date: Wed Jul 30 08:51:30 2025 -0600
doc/man3/OPENSSL_malloc: clarify OPENSSL_clear_free() w/ NULL
It wasn't explicitly clear that it was safe to call OPENSSL_clear_free()
with a NULL because, as worded, it sounded like it may call
OPENSSL_cleanse() on NULL before calling OPENSSL_free().
CLA: trivial
Signed-off-by: dann frazier <dann.frazier@chainguard.dev>
Reviewed-by: Saša NedvÄ›dický <sashan@openssl.org>
Reviewed-by: Eugene Syromiatnikov <esyr@openssl.org>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
Reviewed-by: Neil Horman <nhorman@openssl.org>
MergeDate: Thu Mar 12 17:43:51 2026
(Merged from https://github.com/openssl/openssl/pull/28127)
diff --git a/doc/man3/OPENSSL_malloc.pod b/doc/man3/OPENSSL_malloc.pod
index 30ceeb6ec0..8de534b94d 100644
--- a/doc/man3/OPENSSL_malloc.pod
+++ b/doc/man3/OPENSSL_malloc.pod
@@ -138,8 +138,8 @@ in the I<freeptr> variable, rather than the returned pointer.
OPENSSL_clear_realloc() and OPENSSL_clear_free() should be used
when the buffer at B<addr> holds sensitive information.
The old buffer is filled with zero's by calling OPENSSL_cleanse()
-before ultimately calling OPENSSL_free(). If the argument to OPENSSL_free() is
-NULL, nothing is done.
+before ultimately calling OPENSSL_free(). If the argument to
+OPENSSL_clear_free() is NULL, nothing is done.
OPENSSL_malloc_array(), OPENSSL_calloc(), OPENSSL_aligned_alloc_array(),
OPENSSL_realloc_array(), and OPENSSL_clear_realloc_array() are variants