PVS-StudioWarnings

PVS-Studio warning V579 for OpenSSL

Nov 24th, 2014
#include <string.h>  /* memchr */

unsigned char cleanse_ctr = 0;

void OPENSSL_cleanse(void *ptr, size_t len)
{
  unsigned char *p = ptr;
  size_t loop = len, ctr = cleanse_ctr;
  while(loop--)
  {
    *(p++) = (unsigned char)ctr;
    ctr += (17 + ((size_t)p & 0xF));
  }
  p=memchr(ptr, (unsigned char)ctr, len);
  if(p)
    ctr += (63 + (size_t)p);
  cleanse_ctr = (unsigned char)ctr;
}

void usage(void)
{
  static unsigned char *buf=NULL,*obuf=NULL;
  ....
problems:
  /* buf and obuf are pointers, so sizeof yields the pointer size,
     not the length of the buffers they point to */
  OPENSSL_cleanse(buf,sizeof(buf));
  OPENSSL_cleanse(obuf,sizeof(obuf));
  ....
}

This suspicious code was found in the OpenSSL project by the PVS-Studio static code analyzer.
The warning message is:
V579 The OPENSSL_cleanse function receives the pointer and its size as arguments. It is possibly a mistake. Inspect the second argument. des.c 669

PVS-Studio is a static analyzer for detecting bugs in the source code of applications written in C, C++, C++11, C++/CX. Site: http://www.viva64.com/en/pvs-studio/
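
The effect of the flagged call, as an added example that is not part of the original paste or of OpenSSL's code: a buffer filled with marker bytes is wiped once with sizeof applied to the pointer and once with the allocation length, and the surviving marker bytes are counted. demo_cleanse is a simplified stand-in for OPENSSL_cleanse; DEMO_BUFSIZE, MARKER and bytes_left_after_wipe are hypothetical names with constructed values.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define DEMO_BUFSIZE 1024  /* constructed buffer size for this demo */
#define MARKER 0xA5        /* constructed stand-in for secret bytes */

/* Stand-in for OPENSSL_cleanse: a plain volatile zeroing loop (assumption). */
static void demo_cleanse(void *ptr, size_t len)
{
    volatile unsigned char *p = ptr;
    while (len--)
        *p++ = 0;
}

/* Fill a buffer with MARKER, wipe it, return how many MARKER bytes survive. */
static size_t bytes_left_after_wipe(int use_pointer_sizeof)
{
    size_t i, left = 0;
    unsigned char *buf = malloc(DEMO_BUFSIZE);
    if (buf == NULL)
        return (size_t)-1;
    memset(buf, MARKER, DEMO_BUFSIZE);
    if (use_pointer_sizeof)
        demo_cleanse(buf, sizeof(buf));   /* V579 pattern: size of the pointer */
    else
        demo_cleanse(buf, DEMO_BUFSIZE);  /* corrected: the allocation length */
    for (i = 0; i < DEMO_BUFSIZE; i++)
        left += (buf[i] == MARKER);
    free(buf);
    return left;
}

int main(void)
{
    printf("left after sizeof(buf): %zu\n", bytes_left_after_wipe(1));
    printf("left after real length: %zu\n", bytes_left_after_wipe(0));
    return 0;
}
```

With the pointer-sized length, only the first sizeof(unsigned char *) bytes are cleared and the rest of the buffer keeps its contents until the memory is reused.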