cryptosoft - Zero out ctx after SHA1 or MD5 op
authorAlex Hornung <ahornung@gmail.com>
Tue, 19 Oct 2010 18:05:17 +0000 (19:05 +0100)
committerMatthew Dillon <dillon@apollo.backplane.com>
Sun, 24 Oct 2010 16:32:32 +0000 (09:32 -0700)
Obtained-from: OpenBSD

sys/opencrypto/cryptosoft.c

index 2053a86..28a611e 100644 (file)
@@ -1017,8 +1017,10 @@ swcr_freesession_slot(struct swcr_data **swdp, u_int32_t sid)
                case CRYPTO_SHA1:
                        axf = swd->sw_axf;
 
-                       if (swd->sw_ictx)
+                       if (swd->sw_ictx) {
+                               bzero(swd->sw_ictx, axf->ctxsize);
                                kfree(swd->sw_ictx, M_CRYPTO_DATA);
+                       }
                        break;
 
                case CRYPTO_DEFLATE_COMP: