Use OPENSSL_cleanse where appropriate

Author: justsmth

crypto/bio/bio_mem.c

@@ -217,7 +217,7 @@ static long mem_ctrl(BIO *bio, int cmd, long num, void *ptr) {
           b->data -= b->max - b->length;
           b->length = b->max;
         } else {
-          OPENSSL_memset(b->data, 0, b->max);
+          OPENSSL_cleanse(b->data, b->max);
           b->length = 0;
         }
       }

crypto/bio/bio_socket_test.cc

@@ -518,6 +518,7 @@ static void test_send_receive(bssl::UniquePtr<BIO> &sender_bio,
 
   // Receive a message
   char buff[1024];
+  OPENSSL_cleanse(buff, sizeof(buff));
   ASSERT_EQ((int)strlen(kTestMessage) + 1,
             BIO_read(receiver_bio.get(), buff, sizeof(buff)))
       << LastSocketError();
@@ -539,6 +540,7 @@ static void test_puts_receive(bssl::UniquePtr<BIO> &sender_bio,
 
   // Receive a message.
   char buff[1024];
+  OPENSSL_cleanse(buff, sizeof(buff));
   // `BIO_puts` does not send the \0 byte at the end of the string.
   ASSERT_EQ((int)strlen(kTestMessage),
             BIO_read(receiver_bio.get(), buff, sizeof(buff)))

crypto/bio/socket_helper.c

@@ -51,7 +51,7 @@ int bio_ip_and_port_to_socket_and_addr(int *out_sock,
 
   *out_sock = -1;
 
-  OPENSSL_memset(&hint, 0, sizeof(hint));
+  OPENSSL_cleanse(&hint,sizeof(hint));
   hint.ai_family = AF_UNSPEC;
   hint.ai_socktype = SOCK_STREAM;
 
@@ -72,7 +72,7 @@ int bio_ip_and_port_to_socket_and_addr(int *out_sock,
     if ((size_t) cur->ai_addrlen > sizeof(struct sockaddr_storage)) {
       continue;
     }
-    OPENSSL_memset(out_addr, 0, sizeof(struct sockaddr_storage));
+    OPENSSL_cleanse(out_addr, sizeof(struct sockaddr_storage));
     OPENSSL_memcpy(out_addr, cur->ai_addr, cur->ai_addrlen);
     *out_addr_length = cur->ai_addrlen;