4 files changed, 7 insertions, 26 deletions

diff --git a/apps/apps.c b/apps/apps.c
index f74b968..aecd612 100644
--- a/apps/apps.c
+++ b/apps/apps.c
@@ -377,10 +377,7 @@ int password_callback(char *buf, int bufsiz, int verify, PW_CB_DATA *cb_tmp)
             }
             while (ok < 0 && UI_ctrl(ui, UI_CTRL_IS_REDOABLE, 0, 0, 0));
 
-        if (buff) {
-            OPENSSL_cleanse(buff, (unsigned int)bufsiz);
-            OPENSSL_free(buff);
-        }
+        OPENSSL_clear_free(buff, (unsigned int)bufsiz);
 
         if (ok >= 0)
             res = strlen(buf);
diff --git a/apps/dgst.c b/apps/dgst.c
index 3ff4750..69211d3 100644
--- a/apps/dgst.c
+++ b/apps/dgst.c
@@ -441,10 +441,7 @@ int dgst_main(int argc, char **argv)
         }
     }
  end:
-    if (buf != NULL) {
-        OPENSSL_cleanse(buf, BUFSIZE);
-        OPENSSL_free(buf);
-    }
+    OPENSSL_clear_free(buf, BUFSIZE);
     BIO_free(in);
     if (passin)
         OPENSSL_free(passin);
diff --git a/apps/s_client.c b/apps/s_client.c
index 344c88c..e7e6684 100644
--- a/apps/s_client.c
+++ b/apps/s_client.c
@@ -1994,8 +1994,7 @@ int s_client_main(int argc, char **argv)
 #endif
     SSL_CTX_free(ctx);
     X509_free(cert);
-    if (crls)
-        sk_X509_CRL_pop_free(crls, X509_CRL_free);
+    sk_X509_CRL_pop_free(crls, X509_CRL_free);
     EVP_PKEY_free(key);
     sk_X509_pop_free(chain, X509_free);
     if (pass)
@@ -2008,18 +2007,9 @@ int s_client_main(int argc, char **argv)
     if (jpake_secret && psk_key)
         OPENSSL_free(psk_key);
 #endif
-    if (cbuf != NULL) {
-        OPENSSL_cleanse(cbuf, BUFSIZZ);
-        OPENSSL_free(cbuf);
-    }
-    if (sbuf != NULL) {
-        OPENSSL_cleanse(sbuf, BUFSIZZ);
-        OPENSSL_free(sbuf);
-    }
-    if (mbuf != NULL) {
-        OPENSSL_cleanse(mbuf, BUFSIZZ);
-        OPENSSL_free(mbuf);
-    }
+    OPENSSL_clear_free(cbuf, BUFSIZZ);
+    OPENSSL_clear_free(sbuf, BUFSIZZ);
+    OPENSSL_clear_free(mbuf, BUFSIZZ);
     BIO_free(bio_c_out);
     bio_c_out = NULL;
     BIO_free(bio_c_msg);
diff --git a/apps/s_server.c b/apps/s_server.c
index 21d2d37..ef32d5a 100644
--- a/apps/s_server.c
+++ b/apps/s_server.c
@@ -2395,10 +2395,7 @@ static int sv_body(char *hostname, int s, int stype, unsigned char *context)
         SSL_free(con);
     }
     BIO_printf(bio_s_out, "CONNECTION CLOSED\n");
-    if (buf != NULL) {
-        OPENSSL_cleanse(buf, bufsize);
-        OPENSSL_free(buf);
-    }
+    OPENSSL_clear_free(buf, bufsize);
     if (ret >= 0)
         BIO_printf(bio_s_out, "ACCEPT\n");
     (void)BIO_flush(bio_s_out);