zero entropy buf

diff --git a/sys/dev/rnd.c b/sys/dev/rnd.c
index a6afe5d..9770108 100644 (file)
--- a/sys/dev/rnd.c
+++ b/sys/dev/rnd.c
@@ -1,4 +1,4 @@
-/*     $OpenBSD: rnd.c,v 1.158 2014/07/12 18:48:51 tedu Exp $  */
+/*     $OpenBSD: rnd.c,v 1.159 2014/07/17 13:38:22 tedu Exp $  */
 
 /*
  * Copyright (c) 2011 Theo de Raadt.
@@ -946,6 +946,7 @@ sys_getentropy(struct proc *p, void *v, register_t *retval)
        arc4random_buf(buf, SCARG(uap, nbyte));
        if ((error = copyout(buf, SCARG(uap, buf), SCARG(uap, nbyte))) != 0)
                return (error);
+       explicit_bzero(buf, sizeof(buf));
        retval[0] = 0;
        return (0);
 }