From 4c0a39b273302d9ab2ded5733fa9a010045ae87d Mon Sep 17 00:00:00 2001
From: Andrew Hopkins <andhop@amazon.com>
Date: Thu, 4 Apr 2024 18:40:20 -0700
Subject: [PATCH] Poison more spots

---
 crypto/fipsmodule/cipher/cipher.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/crypto/fipsmodule/cipher/cipher.c b/crypto/fipsmodule/cipher/cipher.c
index c05fdf3bc7..3017da52cd 100644
--- a/crypto/fipsmodule/cipher/cipher.c
+++ b/crypto/fipsmodule/cipher/cipher.c
@@ -76,6 +76,7 @@ void EVP_CIPHER_CTX_init(EVP_CIPHER_CTX *ctx) {
 EVP_CIPHER_CTX *EVP_CIPHER_CTX_new(void) {
   EVP_CIPHER_CTX *ctx = OPENSSL_zalloc(sizeof(EVP_CIPHER_CTX));
   if (ctx) {
+    ctx->poisoned = 1;
     // NO-OP: struct already zeroed
     // EVP_CIPHER_CTX_init(ctx);
   }
@@ -89,6 +90,7 @@ int EVP_CIPHER_CTX_cleanup(EVP_CIPHER_CTX *c) {
   OPENSSL_free(c->cipher_data);
 
   OPENSSL_memset(c, 0, sizeof(EVP_CIPHER_CTX));
+  c->poisoned = 1;
   return 1;
 }