From d319eba68e78e50e6b3d98f316f079f33131f8d6 Mon Sep 17 00:00:00 2001 From: Mike Belopuhov Date: Wed, 6 Oct 2010 10:01:00 +0000 Subject: zero out auth hash context before freeing it; ok matthew millert --- sys/crypto/cryptosoft.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) (limited to 'sys/crypto') diff --git a/sys/crypto/cryptosoft.c b/sys/crypto/cryptosoft.c index 446c91c49de..7006afb968b 100644 --- a/sys/crypto/cryptosoft.c +++ b/sys/crypto/cryptosoft.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cryptosoft.c,v 1.55 2010/09/22 11:54:23 mikeb Exp $ */ +/* $OpenBSD: cryptosoft.c,v 1.56 2010/10/06 10:00:59 mikeb Exp $ */ /* * The author of this code is Angelos D. Keromytis (angelos@cis.upenn.edu) @@ -1037,8 +1037,10 @@ swcr_freesession(u_int64_t tid) case CRYPTO_SHA1: axf = swd->sw_axf; - if (swd->sw_ictx) + if (swd->sw_ictx) { + bzero(swd->sw_ictx, axf->ctxsize); free(swd->sw_ictx, M_CRYPTO_DATA); + } break; } -- cgit v1.2.3