From 528c1ad2aee55aa26e0641a561f4cc01a6077116 Mon Sep 17 00:00:00 2001
From: Richard Levitte <levitte@openssl.org>
Date: Wed, 21 May 2003 14:35:04 +0000
Subject: [PATCH] Cleanse the MD context properly when done adding or getting
 random data. PR: 619

---
 crypto/rand/md_rand.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/crypto/rand/md_rand.c b/crypto/rand/md_rand.c
index 5df32b4fe6..334e0bbfb1 100644
--- a/crypto/rand/md_rand.c
+++ b/crypto/rand/md_rand.c
@@ -292,7 +292,7 @@ static void ssleay_rand_add(const void *buf, int num, double add)
 				st_idx=0;
 			}
 		}
-	memset((char *)&m,0,sizeof(m));
+	OPENSSL_cleanse((char *)&m,0,sizeof(m));
 
 	if (!do_not_lock) CRYPTO_w_lock(CRYPTO_LOCK_RAND);
 	/* Don't just copy back local_md into md -- this could mean that
@@ -493,7 +493,7 @@ static int ssleay_rand_bytes(unsigned char *buf, int num)
 	MD_Final(md,&m);
 	CRYPTO_w_unlock(CRYPTO_LOCK_RAND);
 
-	memset(&m,0,sizeof(m));
+	OPENSSL_cleanse(&m,0,sizeof(m));
 	if (ok)
 		return(1);
 	else
-- 
2.25.1