memzero() the state if we call generichash_final() twice

2017-07-18 19:19:04 +02:00 · 2017-07-18 19:19:04 +02:00 · 1090fcfd4d
commit 1090fcfd4d
parent 6768d82ea2
1 changed files with 1 additions and 0 deletions
--- a/src/libsodium/crypto_generichash/blake2b/ref/blake2b-ref.c
+++ b/src/libsodium/crypto_generichash/blake2b/ref/blake2b-ref.c
@ -359,6 +359,7 @@ blake2b_final(blake2b_state *S, uint8_t *out, uint8_t outlen)
        sodium_misuse("blake2b_final(): unsupported output length");
    }
    if (blake2b_is_lastblock(S)) {
+        sodium_memzero(S, sizeof *S);
        return -1;
    }
    if (S->buflen > BLAKE2B_BLOCKBYTES) {