From 20c99d180a3f9c5d0134ff8c5fc62c434ae50c02 Mon Sep 17 00:00:00 2001
From: David Shaw <dshaw@jabberwocky.com>
Date: Thu, 31 Oct 2002 15:40:42 +0000
Subject: * build-packet.c (do_plaintext), encode.c (encode_sesskey,
 encode_simple, encode_crypt), sign.c (write_plaintext_packet): Use
 wipememory() instead of memset() to wipe sensitive memory as the memset()
 might be optimized away.

---
 g10/encode.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'g10/encode.c')

diff --git a/g10/encode.c b/g10/encode.c
index 7991ef64a..6727c08ed 100644
--- a/g10/encode.c
+++ b/g10/encode.c
@@ -98,7 +98,7 @@ encode_sesskey( DEK *dek, DEK **ret_dek, byte *enckey )
     cipher_close( hd );
 
     memcpy( enckey, buf, c->keylen + 1 );
-    memset( buf, 0, sizeof buf ); /* burn key */
+    wipememory( buf, sizeof buf ); /* burn key */
     *ret_dek = c;
 }
 
@@ -350,7 +350,7 @@ encode_simple( const char *filename, int mode, int compat )
 		log_error("copying input to output failed: %s\n", g10_errstr(rc) );
 		break;
 	    }
-	memset(copy_buffer, 0, 4096); /* burn buffer */
+	wipememory(copy_buffer, 4096); /* burn buffer */
     }
 
     /* finish the stuff */
@@ -589,7 +589,7 @@ encode_crypt( const char *filename, STRLIST remusr )
                           g10_errstr(rc) );
 		break;
 	    }
-	memset(copy_buffer, 0, 4096); /* burn buffer */
+	wipememory(copy_buffer, 4096); /* burn buffer */
     }
 
     /* finish the stuff */
-- 
cgit