From: Alex Hornung <ahornung@gmail.com>
Date: Tue, 19 Oct 2010 18:05:17 +0000 (+0100)
Subject: cryptosoft - Zero out ctx after SHA1 or MD5 op
X-Git-Tag: v2.8.1~38
X-Git-Url: https://gitweb.dragonflybsd.org/dragonfly.git/commitdiff_plain/46413ae74da286de584d200fe796377987701dc2

cryptosoft - Zero out ctx after SHA1 or MD5 op

Obtained-from: OpenBSD
---

diff --git a/sys/opencrypto/cryptosoft.c b/sys/opencrypto/cryptosoft.c
index 2053a8631f..28a611e4f5 100644
--- a/sys/opencrypto/cryptosoft.c
+++ b/sys/opencrypto/cryptosoft.c
@@ -1017,8 +1017,10 @@ swcr_freesession_slot(struct swcr_data **swdp, u_int32_t sid)
 		case CRYPTO_SHA1:
 			axf = swd->sw_axf;
 
-			if (swd->sw_ictx)
+			if (swd->sw_ictx) {
+				bzero(swd->sw_ictx, axf->ctxsize);
 				kfree(swd->sw_ictx, M_CRYPTO_DATA);
+			}
 			break;
 
 		case CRYPTO_DEFLATE_COMP: