From f94fcc6e0fc3daaca9b2cf86bc1b5de11b874ff8 Mon Sep 17 00:00:00 2001
From: deraadt <>
Date: Tue, 18 Apr 2017 04:06:21 +0000
Subject: [PATCH] use freezero() instead of explicit_bzero+free

---
 src/lib/libutil/pkcs5_pbkdf2.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/src/lib/libutil/pkcs5_pbkdf2.c b/src/lib/libutil/pkcs5_pbkdf2.c
index 789a712e..83d31a44 100644
--- a/src/lib/libutil/pkcs5_pbkdf2.c
+++ b/src/lib/libutil/pkcs5_pbkdf2.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: pkcs5_pbkdf2.c,v 1.9 2015/02/05 12:59:57 millert Exp $	*/
+/*	$OpenBSD: pkcs5_pbkdf2.c,v 1.10 2017/04/18 04:06:21 deraadt Exp $	*/
 
 /*-
  * Copyright (c) 2008 Damien Bergamini <damien.bergamini@free.fr>
@@ -112,8 +112,7 @@ pkcs5_pbkdf2(const char *pass, size_t pass_len, const uint8_t *salt,
 		key += r;
 		key_len -= r;
 	};
-	explicit_bzero(asalt, salt_len + 4);
-	free(asalt);
+	freezero(asalt, salt_len + 4);
 	explicit_bzero(d1, sizeof(d1));
 	explicit_bzero(d2, sizeof(d2));
 	explicit_bzero(obuf, sizeof(obuf));