From 4ae843f18ecb2648cc5d3bc6bc13c4193835b0f8 Mon Sep 17 00:00:00 2001
From: Chris Oei <zlkm208-scryptgenpass@yahoo.com>
Date: Mon, 3 Sep 2012 16:44:24 -0700
Subject: [PATCH] Erase memory that might contain sensitive info

---
 main.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/main.c b/main.c
index 1f48175..68440cf 100644
--- a/main.c
+++ b/main.c
@@ -166,6 +166,7 @@ main(int argc, char *argv[])
 	char buf1[65];
 	bintohex(buf1, 32, passhash);
 	printf("Master hex: %s\n", buf1);
+	memset(buf1, 0, 65);
 
 	uint8_t dk[64];
 	rc = genpass(dk, (uint8_t *)passwd, passwdlen, (void*) *argv,
@@ -179,6 +180,7 @@ main(int argc, char *argv[])
 	char buf[129];
 	bintohex(buf, 64, dk);
 	printf("Pass hex: %s\n", buf);
+	memset(buf, 0, 129);
 
 	if ((outputlength < 3)||(outputlength > 64)) {
 		warn("Unable to generate password for output length %lu", outputlength);
@@ -188,6 +190,7 @@ main(int argc, char *argv[])
 	char output[outputlength + 1];
 	hashtopass(output, outputlength, dk);
 	printf("Generated password: %s\n", output);
+	memset(output, 0, outputlength + 1);
 
 	/* If we failed, print the right error message and exit. */
 	if (rc != 0) {