From c41446b56e99f67683f41be044a8194b457f5a79 Mon Sep 17 00:00:00 2001
From: dlg <dlg@openbsd.org>
Date: Thu, 27 Aug 2015 13:33:24 +0000
Subject: use explicit_bzero to clear some memory that had creds in it instead
 of memset.

ok deraadt@ millert@
---
 lib/libc/gen/authenticate.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/lib/libc/gen/authenticate.c b/lib/libc/gen/authenticate.c
index 0c2d95369d8..37c178540a2 100644
--- a/lib/libc/gen/authenticate.c
+++ b/lib/libc/gen/authenticate.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: authenticate.c,v 1.20 2013/11/24 23:51:29 deraadt Exp $	*/
+/*	$OpenBSD: authenticate.c,v 1.21 2015/08/27 13:33:24 dlg Exp $	*/
 
 /*-
  * Copyright (c) 1997 Berkeley Software Design, Inc. All rights reserved.
@@ -348,7 +348,7 @@ auth_usercheck(char *name, char *style, char *type, char *password)
 		auth_setitem(as, AUTHV_SERVICE, "response");
 		auth_setdata(as, "", 1);
 		auth_setdata(as, password, strlen(password) + 1);
-		memset(password, 0, strlen(password));
+		explicit_bzero(password, strlen(password));
 	} else
 		as = NULL;
 	as = auth_verify(as, style, name, lc->lc_class, (char *)NULL);
@@ -453,7 +453,7 @@ auth_userresponse(auth_session_t *as, char *response, int more)
 		auth_setdata(as, "", 1);
 	if (response) {
 		auth_setdata(as, response, strlen(response) + 1);
-		memset(response, 0, strlen(response));
+		explicit_bzero(response, strlen(response));
 	} else
 		auth_setdata(as, "", 1);
 
-- 
cgit v1.2.3-59-g8ed1b