From 394e21884cbcc63c1e471b1c09c2f95e2f6871f5 Mon Sep 17 00:00:00 2001
From: Frank Denis <github@pureftpd.org>
Date: Sat, 26 Aug 2017 08:19:58 +0200
Subject: [PATCH] Do not clear the padding (for alignment) section of a blake2b
 state

So that it's acceptable for an application to provide a state that
doesn't include padding.
---
 src/libsodium/crypto_generichash/blake2b/ref/blake2b-ref.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/libsodium/crypto_generichash/blake2b/ref/blake2b-ref.c b/src/libsodium/crypto_generichash/blake2b/ref/blake2b-ref.c
index c10ed59c..8da3de42 100644
--- a/src/libsodium/crypto_generichash/blake2b/ref/blake2b-ref.c
+++ b/src/libsodium/crypto_generichash/blake2b/ref/blake2b-ref.c
@@ -14,6 +14,7 @@
 */
 
 #include <assert.h>
+#include <stddef.h>
 #include <stdint.h>
 #include <stdlib.h>
 #include <string.h>
@@ -160,11 +161,12 @@ static inline int
 blake2b_init0(blake2b_state *S)
 {
     int i;
-    memset(S, 0, sizeof(blake2b_state));
 
     for (i  = 0; i < 8; i++) {
         S->h[i] = blake2b_IV[i];
     }
+    memset(S->t, 0, offsetof(blake2b_state, last_node) + sizeof(S->last_node)
+           - offsetof(blake2b_state, t));
     return 0;
 }