From ae4986a4330cb1a19689521ac3388034849da35f Mon Sep 17 00:00:00 2001
From: Simon Tatham
Date: Sat, 20 Dec 2014 18:44:36 +0000
Subject: [PATCH] Do an smemclr(bytes) in bignum_random_in_range.

It's used for sensitive data, so we shouldn't leave it lying around after free.
---
 sshbn.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/sshbn.c b/sshbn.c
index 42923ac0..8da7d8a0 100644
--- sshbn.c
+++ b/sshbn.c
@@ -1260,6 +1260,7 @@ Bignum bignum_random_in_range(const Bignum lower, const Bignum upper)
 ret = bignum_from_bytes(bytes, upper_bytes);
 } while (bignum_cmp(ret, lower) < 0 || bignum_cmp(ret, upper) > 0);
+ smemclr(bytes, upper_bytes);
 sfree(bytes);
 return ret;
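Review bot: The new `smemclr(bytes, upper_bytes);` ahead of `sfree(bytes);` has no comment explaining why it is there, so a later cleanup could mistake it for a redundant clear-before-free and drop it. A one-line comment above it would pin the intent, for example `/* bytes held the raw form of a possibly secret value: wipe it before freeing */`. The same value is still held in `ret`, which is returned, so wiping that copy is left to the caller; the function's header comment (outside this hunk) would be the place to say so. The loop body also starts outside the hunk, so whether candidates rejected by the `bignum_cmp` test are released through a clearing free cannot be confirmed from here and is worth a look.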