- (djm) [openbsd-compat/arc4random.c] Zero seed after keying PRNG

author: Damien Miller <djm@mindrot.org> 2014-09-04 03:46:05 +1000
committer: Damien Miller <djm@mindrot.org> 2014-09-04 03:46:05 +1000
commit: 2a8699f37cc2515e3bc60e0c677ba060f4d48191 (patch)
tree: ad7fa4dc41c84cc5b267d5d3314e53dd903c5113
parent: 44988defb1f5e3afe576d86000365e1f07a1b494 (diff)
download: openssh-git-2a8699f37cc2515e3bc60e0c677ba060f4d48191.tar.gz
2 files changed, 4 insertions, 1 deletions
diff --git a/ChangeLog b/ChangeLog
index 829de365..57396888 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,6 @@
+20140904
+ - (djm) [openbsd-compat/arc4random.c] Zero seed after keying PRNG
+
 20140903
  - (djm) [defines.h sshbuf.c] Move __predict_true|false to defines.h and
    conditionalise to avoid duplicate definition.
diff --git a/openbsd-compat/arc4random.c b/openbsd-compat/arc4random.c
index fa0d6301..09dbfda1 100644
--- a/openbsd-compat/arc4random.c
+++ b/openbsd-compat/arc4random.c
@@ -87,7 +87,7 @@ _rs_stir(void)
 		_rs_init(rnd, sizeof(rnd));
 	} else
 		_rs_rekey(rnd, sizeof(rnd));
-	memset(rnd, 0, sizeof(rnd));
+	explicit_bzero(rnd, sizeof(rnd));
 
 	/* invalidate rs_buf */
 	rs_have = 0;
author	Damien Miller <djm@mindrot.org>	2014-09-04 03:46:05 +1000
committer	Damien Miller <djm@mindrot.org>	2014-09-04 03:46:05 +1000
commit	2a8699f37cc2515e3bc60e0c677ba060f4d48191 (patch)
tree	ad7fa4dc41c84cc5b267d5d3314e53dd903c5113
parent	44988defb1f5e3afe576d86000365e1f07a1b494 (diff)
download	openssh-git-2a8699f37cc2515e3bc60e0c677ba060f4d48191.tar.gz