clear stack variables, suggested by djm

author: tedu <> 2014-03-23 23:27:52 +0000
committer: tedu <> 2014-03-23 23:27:52 +0000
commit: 1979f0f7d68cff5906a006766f11fc1d352502d9 (patch)
tree: 19a04f14ad212cf838124f609f2332f3283238aa /src/lib
parent: 75a2df5b85d98cf04bb9f97260b3218855103a31 (diff)
download: openbsd-1979f0f7d68cff5906a006766f11fc1d352502d9.tar.gz
openbsd-1979f0f7d68cff5906a006766f11fc1d352502d9.tar.bz2
openbsd-1979f0f7d68cff5906a006766f11fc1d352502d9.zip
1 files changed, 4 insertions, 1 deletions
diff --git a/src/lib/libc/crypt/bcrypt.c b/src/lib/libc/crypt/bcrypt.c
index 7d388cf2ea..4fa36bf6e2 100644
--- a/src/lib/libc/crypt/bcrypt.c
+++ b/src/lib/libc/crypt/bcrypt.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: bcrypt.c,v 1.34 2014/03/23 23:25:05 tedu Exp $        */
+/*      $OpenBSD: bcrypt.c,v 1.35 2014/03/23 23:27:52 tedu Exp $        */
 /*
 * Copyright (c) 2014 Ted Unangst <tedu@openbsd.org>
@@ -218,6 +218,7 @@ bcrypt_newhash(const char *pass, int log_rounds, char *hash, size_t hashlen)
        if (bcrypt_hashpass(pass, salt, hash, hashlen) != 0)
                return -1;
+        explicit_bzero(salt, sizeof(salt));
        return 0;
 }
@@ -231,6 +232,8 @@ bcrypt_checkpass(const char *pass, const char *goodhash)
        if (strlen(hash) != strlen(goodhash) ||
            timingsafe_bcmp(hash, goodhash, strlen(goodhash)) != 0)
                return -1;
+        explicit_bzero(hash, sizeof(hash));
        return 0;
 }
author	tedu <>	2014-03-23 23:27:52 +0000
committer	tedu <>	2014-03-23 23:27:52 +0000
commit	1979f0f7d68cff5906a006766f11fc1d352502d9 (patch)
tree	19a04f14ad212cf838124f609f2332f3283238aa /src/lib
parent	75a2df5b85d98cf04bb9f97260b3218855103a31 (diff)
download	openbsd-1979f0f7d68cff5906a006766f11fc1d352502d9.tar.gz openbsd-1979f0f7d68cff5906a006766f11fc1d352502d9.tar.bz2 openbsd-1979f0f7d68cff5906a006766f11fc1d352502d9.zip