From fe435898d593343d7d9fdc31aa597c1c40026222 Mon Sep 17 00:00:00 2001
From: millert <>
Date: Wed, 2 Apr 2008 19:54:05 +0000
Subject: Zero state buffers on return. OK deraadt@

---
 src/lib/libc/crypt/bcrypt.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/lib/libc/crypt/bcrypt.c b/src/lib/libc/crypt/bcrypt.c
index 769d303402..207e76ea46 100644
--- a/src/lib/libc/crypt/bcrypt.c
+++ b/src/lib/libc/crypt/bcrypt.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bcrypt.c,v 1.23 2007/03/19 05:18:32 ray Exp $ */
+/* $OpenBSD: bcrypt.c,v 1.24 2008/04/02 19:54:05 millert Exp $ */
 
 /*
 * Copyright 1997 Niels Provos
@@ -270,6 +270,10 @@ bcrypt(const char *key, const char *salt)
 encode_base64((u_int8_t *) encrypted + i + 3, csalt, BCRYPT_MAXSALT);
 encode_base64((u_int8_t *) encrypted + strlen(encrypted), ciphertext,
 4 * BCRYPT_BLOCKS - 1);
+ memset(&state, 0, sizeof(state));
+ memset(ciphertext, 0, sizeof(ciphertext));
+ memset(csalt, 0, sizeof(csalt));
+ memset(cdata, 0, sizeof(cdata));
 return encrypted;
 }
 
-- 
cgit v1.2.3-55-g6feb
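Review bot: The four `memset` calls added before `return encrypted;` write to `state`, `ciphertext`, `csalt` and `cdata` right before they stop being used, so an optimizing compiler may treat them as dead stores and drop them, leaving the Blowfish key schedule and intermediate buffers in memory (this assumes they are function-local objects; their declarations are outside the hunk). A clearing call that is guaranteed not to be elided matches the intent better, for example `explicit_bzero(&state, sizeof(state));` and the same for the other three buffers, where the libc provides it. A short comment above the block, such as `/* scrub key-derived material before returning */`, would also keep the calls from being removed later as redundant. The body of bcrypt() starts outside the hunk, so whether earlier return paths leave any of these buffers populated cannot be checked from here.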