heimdal:lib/gssapi/krb5: clear temporary buffer with cleartext data.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

diff --git a/source4/heimdal/lib/gssapi/krb5/arcfour.c b/source4/heimdal/lib/gssapi/krb5/arcfour.c
index f5e41e4056f369b888466611b0d456a64bc90ea0..5cd1fe3b9f33a72cd45ed2233a382742bfd26e1d 100644 (file)
--- a/source4/heimdal/lib/gssapi/krb5/arcfour.c
+++ b/source4/heimdal/lib/gssapi/krb5/arcfour.c
@@ -149,6 +149,7 @@ arcfour_mic_cksum(krb5_context context,
                               0,
                               ptr, len,
                               &CKSUM);
+    memset(ptr, 0, len);
     free(ptr);
     if (ret == 0) {
        memcpy(sgn_cksum, CKSUM.checksum.data, sgn_cksum_sz);