From: Loup Vaillant <loup@loup-vaillant.fr>
Date: Fri, 3 Nov 2017 11:10:23 +0000 (+0100)
Subject: Forgot to wipe a temporary buffer
X-Git-Url: https://git.codecow.com/?a=commitdiff_plain;h=b8d9969fa71b630c913aec6dbdaeaff2dee4e975;p=Monocypher.git

Forgot to wipe a temporary buffer
---

diff --git a/src/monocypher.c b/src/monocypher.c
index 744ac1a..e0389d0 100644
--- a/src/monocypher.c
+++ b/src/monocypher.c
@@ -1695,7 +1695,9 @@ int crypto_unlock_final(crypto_lock_ctx *ctx, const u8 mac[16])
 {
     u8 real_mac[16];
     crypto_lock_final(ctx, real_mac);
-    return crypto_verify16(real_mac, mac);
+    int mismatch = crypto_verify16(real_mac, mac);
+    crypto_wipe(real_mac, 16);
+    return mismatch;
 }
 
 void crypto_aead_lock(u8        mac[16],