From 72547754b766351e4b6ebcc51b842f0ddc2fd220 Mon Sep 17 00:00:00 2001
From: deraadt <deraadt@openbsd.org>
Date: Mon, 17 Apr 2017 21:49:01 +0000
Subject: [PATCH] memset() of password field should be explicit_bzero(). [Not
 using freezero() in yacc files yet]

---
 libexec/ftpd/ftpcmd.y | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/libexec/ftpd/ftpcmd.y b/libexec/ftpd/ftpcmd.y
index b8bce1930b4..36d9824a9ce 100644
--- a/libexec/ftpd/ftpcmd.y
+++ b/libexec/ftpd/ftpcmd.y
@@ -1,4 +1,4 @@
-/*	$OpenBSD: ftpcmd.y,v 1.64 2016/08/26 06:32:10 tedu Exp $	*/
+/*	$OpenBSD: ftpcmd.y,v 1.65 2017/04/17 21:49:01 deraadt Exp $	*/
 /*	$NetBSD: ftpcmd.y,v 1.7 1996/04/08 19:03:11 jtc Exp $	*/
 
 /*
@@ -157,7 +157,7 @@ cmd
 	| PASS SP password CRLF
 		{
 			quit = monitor_pass($3);
-			memset($3, 0, strlen($3));
+			explicit_bzero($3, strlen($3));
 			free($3);
 
 			/* Terminate unprivileged pre-auth slave */
-- 
2.20.1