From ceab2ebac1551cd8890516ed8ec49f9f965fe814 Mon Sep 17 00:00:00 2001
From: Theo de Raadt <deraadt@cvs.openbsd.org>
Date: Wed, 12 Jan 2011 20:41:49 +0000
Subject: explicit zeroing of key information in the softraid ioctl code ok
 marco

---
 sys/dev/softraid_crypto.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'sys/dev')

diff --git a/sys/dev/softraid_crypto.c b/sys/dev/softraid_crypto.c
index 77db49f3718..ce9ec1f14fb 100644
--- a/sys/dev/softraid_crypto.c
+++ b/sys/dev/softraid_crypto.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: softraid_crypto.c,v 1.60 2011/01/12 20:38:33 marco Exp $ */
+/* $OpenBSD: softraid_crypto.c,v 1.61 2011/01/12 20:41:48 deraadt Exp $ */
 /*
  * Copyright (c) 2007 Marco Peereboom <marco@peereboom.us>
  * Copyright (c) 2008 Hans-Joerg Hoexer <hshoexer@openbsd.org>
@@ -1085,6 +1085,9 @@ sr_crypto_ioctl(struct sr_discipline *sd, struct bioc_discipline *bd)
 	}
 
 bad:
+	explicit_bzero(&kdfpair, sizeof(kdfpair));
+	explicit_bzero(&kdfinfo1, sizeof(kdfinfo1));
+	explicit_bzero(&kdfinfo2, sizeof(&kdfinfo2));
 	return (rv);
 }
 
-- 
cgit v1.2.3