diff options
Diffstat (limited to 'crypt/crypt-entry.c')
| -rw-r--r-- | crypt/crypt-entry.c | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/crypt/crypt-entry.c b/crypt/crypt-entry.c index a7dfccaa36..23e776fb9e 100644 --- a/crypt/crypt-entry.c +++ b/crypt/crypt-entry.c @@ -141,6 +141,15 @@ __crypt_r (const char *key, const char *salt, * And convert back to 6 bit ASCII */ _ufc_output_conversion_r (res[0], res[1], salt, data); + + /* + * Erase key-dependent intermediate data. Data dependent only on + * the salt is not considered sensitive. + */ + explicit_bzero (ktab, sizeof (ktab)); + explicit_bzero (data->keysched, sizeof (data->keysched)); + explicit_bzero (res, sizeof (res)); + return data->crypt_3_buf; } weak_alias (__crypt_r, crypt_r) |