From 1090fcfd4dd3ca1b3abf774efcf0698b4f3799b2 Mon Sep 17 00:00:00 2001
From: Frank Denis
Date: Tue, 18 Jul 2017 19:19:04 +0200
Subject: [PATCH] memzero() the state if we call generichash_final() twice

---
 src/libsodium/crypto_generichash/blake2b/ref/blake2b-ref.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/libsodium/crypto_generichash/blake2b/ref/blake2b-ref.c b/src/libsodium/crypto_generichash/blake2b/ref/blake2b-ref.c
index 553364bf..43f38002 100644
--- a/src/libsodium/crypto_generichash/blake2b/ref/blake2b-ref.c
+++ b/src/libsodium/crypto_generichash/blake2b/ref/blake2b-ref.c
@@ -359,6 +359,7 @@ blake2b_final(blake2b_state *S, uint8_t *out, uint8_t outlen)
 sodium_misuse("blake2b_final(): unsupported output length");
 }
 if (blake2b_is_lastblock(S)) {
+ sodium_memzero(S, sizeof *S);
 return -1;
 }
 if (S->buflen > BLAKE2B_BLOCKBYTES) {
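Review bot: The added `sodium_memzero(S, sizeof *S);` in the `blake2b_is_lastblock(S)` branch also wipes whatever marker that check reads, if the marker is stored inside `*S` (its definition is outside this hunk), so a third call to blake2b_final() would no longer take this branch and would presumably finalize an all-zero state and return success. If that is the case, re-mark the state as finalized after wiping it, or at least document the limit with a comment such as `/* state is wiped on a repeated final(); callers must re-init before any further use */`. The error path also returns without writing `out`, so a caller that ignores the -1 keeps whatever was already in its buffer; that deserves a line in the function's documentation. blake2b_final() starts before and continues after this hunk.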