From 0ec6a658583ae4d8b8463b20a640a0769b2ac630 Mon Sep 17 00:00:00 2001
From: Hubert Chathi <hubert@uhoreg.ca>
Date: Tue, 16 Oct 2018 15:59:32 -0400
Subject: add more buffer clearing

---
 python/olm/group_session.py | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

(limited to 'python')

diff --git a/python/olm/group_session.py b/python/olm/group_session.py
index 814ce27..737d9ef 100644
--- a/python/olm/group_session.py
+++ b/python/olm/group_session.py
@@ -283,7 +283,12 @@ class InboundGroupSession(object):
             message_index
         )
         self._check_error(ret)
-        return bytes_to_native_str(ffi.unpack(export_buffer, export_length))
+        export_str = bytes_to_native_str(ffi.unpack(export_buffer, export_length))
+
+        # clear out copies of the key
+        lib.memset(export_buffer, 0, export_length)
+
+        return export_str
 
     @classmethod
     def import_session(cls, session_key):
@@ -313,6 +318,7 @@ class InboundGroupSession(object):
             )
             obj._check_error(ret)
         finally:
+            # clear out copies of the key
             if byte_session_key is not session_key:
                 for i in range(0, len(byte_session_key)):
                     byte_session_key[i] = 0
-- 
cgit v1.2.3