crypt: Zeroize (re)allocated memory in crypt_ra.

besser82 · Jan 15, 2025 · 4b2d8fb · 4b2d8fb
1 parent 2c65064
commit 4b2d8fb
Showing 1 changed file with 2 additions and 0 deletions.
diff --git a/lib/crypt.c b/lib/crypt.c
@@ -211,13 +211,15 @@ crypt_ra (const char *phrase, const char *setting, void **data, int *size)
       *data = malloc (sizeof (struct crypt_data));
       if (!*data)
         return 0;
+      explicit_bzero (*data, sizeof (struct crypt_data));
       *size = sizeof (struct crypt_data);
     }
   if (*size < 0 || (size_t)*size < sizeof (struct crypt_data))
     {
       void *rdata = realloc (*data, sizeof (struct crypt_data));
       if (!rdata)
         return 0;
+      explicit_bzero (rdata, sizeof (struct crypt_data));
       *data = rdata;
       *size = sizeof (struct crypt_data);
     }