From 456f89ea7ae37b8e255e37ea1238def701ceb760 Mon Sep 17 00:00:00 2001
From: David Shaw
Date: Thu, 31 Oct 2002 15:28:19 +0000
Subject: [PATCH] * build-packet.c (do_plaintext), encode.c (encode_sesskey, encode_simple, encode_crypt), sign.c (write_plaintext_packet): Use wipememory() instead of memset() to wipe sensitive memory as the memset() might be optimized away.
---
 g10/ChangeLog | 7 +++++++
 g10/build-packet.c | 2 +-
 g10/encode.c | 6 +++---
 g10/sign.c | 2 +-
 4 files changed, 12 insertions(+), 5 deletions(-)
diff --git a/g10/ChangeLog b/g10/ChangeLog
index 699d0776c..43cb09f47 100644
--- a/g10/ChangeLog
+++ b/g10/ChangeLog
@@ -1,3 +1,10 @@
+2002-10-31 David Shaw
+
+ * build-packet.c (do_plaintext), encode.c (encode_sesskey,
+ encode_simple, encode_crypt), sign.c (write_plaintext_packet): Use
+ wipememory() instead of memset() to wipe sensitive memory as the
+ memset() might be optimized away.
+
 2002-10-23 Werner Koch
 * pubkey-enc.c (get_it): Fix segv, test for revoked only when PK
diff --git a/g10/build-packet.c b/g10/build-packet.c
index da1cbbe39..936cc90d6 100644
--- a/g10/build-packet.c
+++ b/g10/build-packet.c
@@ -555,7 +555,7 @@ do_plaintext( IOBUF out, int ctb, PKT_plaintext *pt )
 }
 n += nbytes;
 }
- memset(buf,0,1000); /* at least burn the buffer */
+ wipememory(buf,1000); /* burn the buffer */
 if( !pt->len )
 iobuf_set_block_mode(out, 0 ); /* write end marker */
 else if( n != pt->len )
diff --git a/g10/encode.c b/g10/encode.c
index b384a7006..91efc8966 100644
--- a/g10/encode.c
+++ b/g10/encode.c
@@ -98,7 +98,7 @@ encode_sesskey( DEK *dek, DEK **ret_dek, byte *enckey )
 cipher_close( hd );
 memcpy( enckey, buf, c->keylen + 1 );
- memset( buf, 0, sizeof buf ); /* burn key */
+ wipememory( buf, sizeof buf ); /* burn key */
 *ret_dek = c;
 }
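Review bot: The wipe length in `wipememory(buf,1000);` (do_plaintext, build-packet.c) is a bare literal that has to stay in step with the declaration of buf, which is outside this hunk. If buf is a local array, `wipememory(buf, sizeof buf);` — the form the encode_sesskey hunk already uses — cannot drift from the real size. The same applies to `wipememory(copy_buffer, 4096);` in encode_simple, encode_crypt and write_plaintext_packet; there sizeof only helps if copy_buffer is an array rather than a heap pointer, otherwise a shared named constant would serve. A length that falls short leaves plaintext in memory, and one that overshoots writes past the buffer.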
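Review bot: The reason for preferring wipememory() over memset() is recorded only in the ChangeLog, so at `wipememory( buf, sizeof buf ); /* burn key */` in encode_sesskey nothing stops a later cleanup from switching back. I would extend the comment to `/* burn key; not memset(), which may be optimized away on a dead buffer */`. wipememory() is not defined in any of the four files this patch touches, so it is worth confirming that its definition elsewhere in the tree cannot itself be elided (for example by writing through a volatile pointer). The declaration of buf and the start of encode_sesskey are outside the hunk.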
@@ -354,7 +354,7 @@ encode_simple( const char *filename, int mode, int compat )
 log_error("copying input to output failed: %s\n", g10_errstr(rc) );
 break;
 }
- memset(copy_buffer, 0, 4096); /* burn buffer */
+ wipememory(copy_buffer, 4096); /* burn buffer */
 }
 /* finish the stuff */
@@ -597,7 +597,7 @@ encode_crypt( const char *filename, STRLIST remusr )
 g10_errstr(rc) );
 break;
 }
- memset(copy_buffer, 0, 4096); /* burn buffer */
+ wipememory(copy_buffer, 4096); /* burn buffer */
 }
 /* finish the stuff */
diff --git a/g10/sign.c b/g10/sign.c
index fe242b8da..c0a9b8f29 100644
--- a/g10/sign.c
+++ b/g10/sign.c
@@ -505,7 +505,7 @@ write_plaintext_packet (IOBUF out, IOBUF inp, const char *fname, int ptmode)
 g10_errstr(rc));
 break;
 }
- memset(copy_buffer, 0, 4096); /* burn buffer */
+ wipememory(copy_buffer,4096); /* burn buffer */
 }
 /* fixme: it seems that we never freed pt/pkt */
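Review bot: The new call in write_plaintext_packet (sign.c) is written `wipememory(copy_buffer,4096);` without a space after the comma, while the line it replaces and the two matching calls in encode.c use `wipememory(copy_buffer, 4096);`. Keeping the three copy-buffer wipes textually identical makes them easy to find with a single search when the buffer size or the wipe routine changes. The function body continues outside the hunk.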