From 0a6178f20373b34f36e91a03d7ca0d4c22462217 Mon Sep 17 00:00:00 2001 From: Steve Thomas Date: Sat, 18 Jun 2022 13:32:35 -0500 Subject: [PATCH] Clear decrypted block from stack (#1190) --- src/libsodium/crypto_secretbox/crypto_secretbox_easy.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/libsodium/crypto_secretbox/crypto_secretbox_easy.c b/src/libsodium/crypto_secretbox/crypto_secretbox_easy.c index 29023f94..365be738 100644 --- a/src/libsodium/crypto_secretbox/crypto_secretbox_easy.c +++ b/src/libsodium/crypto_secretbox/crypto_secretbox_easy.c @@ -134,6 +134,7 @@ crypto_secretbox_open_detached(unsigned char *m, const unsigned char *c, for (i = 0U; i < mlen0; i++) { m[i] = block0[crypto_secretbox_ZEROBYTES + i]; } + sodium_memzero(block0, sizeof block0); if (clen > mlen0) { crypto_stream_salsa20_xor_ic(m + mlen0, c + mlen0, clen - mlen0, n + 16, 1U, subkey);