zero the read buffer after copying data to user so it doesn't linger.
authortedu <tedu@openbsd.org>
Sun, 10 Jul 2016 23:07:34 +0000 (23:07 +0000)
committertedu <tedu@openbsd.org>
Sun, 10 Jul 2016 23:07:34 +0000 (23:07 +0000)
ok beck

lib/libssl/s3_pkt.c
lib/libssl/src/ssl/s3_pkt.c

index 153b376..0e97be6 100644 (file)
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_pkt.c,v 1.57 2015/09/12 16:10:07 doug Exp $ */
+/* $OpenBSD: s3_pkt.c,v 1.58 2016/07/10 23:07:34 tedu Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -956,6 +956,7 @@ start:
 
                memcpy(buf, &(rr->data[rr->off]), n);
                if (!peek) {
+                       memset(&(rr->data[rr->off]), 0, n);
                        rr->length -= n;
                        rr->off += n;
                        if (rr->length == 0) {
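Review bot: The `memset` added in the `!peek` branch carries no comment explaining why it is there, and because `rr->off` is advanced past those bytes two lines later it reads like redundant work that a later cleanup could remove. I would put `/* scrub consumed plaintext so it does not linger in the record buffer; peek must keep it for the next read */` directly above it. The clear depends on `n` not exceeding the bytes left in the record; that bound is presumably enforced earlier in the function, which starts and ends outside this hunk, and is worth confirming there. The same applies to the identical hunk in lib/libssl/src/ssl/s3_pkt.c further down the page.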
index 153b376..0e97be6 100644 (file)
@@ -1,4 +1,4 @@
-/* $OpenBSD: s3_pkt.c,v 1.57 2015/09/12 16:10:07 doug Exp $ */
+/* $OpenBSD: s3_pkt.c,v 1.58 2016/07/10 23:07:34 tedu Exp $ */
 /* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
  * All rights reserved.
  *
@@ -956,6 +956,7 @@ start:
 
                memcpy(buf, &(rr->data[rr->off]), n);
                if (!peek) {
+                       memset(&(rr->data[rr->off]), 0, n);
                        rr->length -= n;
                        rr->off += n;
                        if (rr->length == 0) {