From c4c40cc784e8413d3bf312ccea42c341e10112a7 Mon Sep 17 00:00:00 2001
From: jsing <>
Date: Fri, 14 Apr 2017 15:20:55 +0000
Subject: Use freezero(3) in the CBB clean up path, since this could hold
 sensitive information (such as master keys).

---
 src/lib/libssl/bs_cbb.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

(limited to 'src/lib')

diff --git a/src/lib/libssl/bs_cbb.c b/src/lib/libssl/bs_cbb.c
index a84299f8a2..154a7964e6 100644
--- a/src/lib/libssl/bs_cbb.c
+++ b/src/lib/libssl/bs_cbb.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: bs_cbb.c,v 1.14 2017/03/10 15:16:20 jsing Exp $	*/
+/*	$OpenBSD: bs_cbb.c,v 1.15 2017/04/14 15:20:55 jsing Exp $	*/
 /*
  * Copyright (c) 2014, Google Inc.
  *
@@ -80,8 +80,7 @@ CBB_cleanup(CBB *cbb)
 {
 	if (cbb->base) {
 		if (cbb->base->can_resize)
-			free(cbb->base->buf);
-
+			freezero(cbb->base->buf, cbb->base->cap);
 		free(cbb->base);
 	}
 	cbb->base = NULL;
-- 
cgit v1.2.3-55-g6feb