From 8519ce0269632f2105f9f1b672d4e4396d740ef4 Mon Sep 17 00:00:00 2001
From: Hubert Chathi <hubertc@matrix.org>
Date: Fri, 10 Dec 2021 16:15:22 -0500
Subject: [PATCH] clear out random arrays

---
 javascript/olm_outbound_group_session.js | 11 +++++---
 javascript/olm_post.js                   | 33 +++++++++++++++++-------
 2 files changed, 32 insertions(+), 12 deletions(-)

diff --git a/javascript/olm_outbound_group_session.js b/javascript/olm_outbound_group_session.js
index e4852c1..7c5da65 100644
--- a/javascript/olm_outbound_group_session.js
+++ b/javascript/olm_outbound_group_session.js
@@ -67,9 +67,14 @@ OutboundGroupSession.prototype['create'] = restore_stack(function() {
         Module['_olm_init_outbound_group_session_random_length']
     )(this.ptr);
     var random = random_stack(random_length);
-    outbound_group_session_method(Module['_olm_init_outbound_group_session'])(
-        this.ptr, random, random_length
-    );
+    try {
+        outbound_group_session_method(Module['_olm_init_outbound_group_session'])(
+            this.ptr, random, random_length
+        );
+    } finally {
+        // clear the random buffer
+        bzero(random, random_length);
+    }
 });
 
 OutboundGroupSession.prototype['encrypt'] = function(plaintext) {
diff --git a/javascript/olm_post.js b/javascript/olm_post.js
index 7fc976a..bd7a06d 100644
--- a/javascript/olm_post.js
+++ b/javascript/olm_post.js
@@ -73,9 +73,14 @@ Account.prototype['create'] = restore_stack(function() {
         Module['_olm_create_account_random_length']
     )(this.ptr);
     var random = random_stack(random_length);
-    account_method(Module['_olm_create_account'])(
-        this.ptr, random, random_length
-    );
+    try {
+        account_method(Module['_olm_create_account'])(
+            this.ptr, random, random_length
+        );
+    } finally {
+        // clear the random buffer
+        bzero(random, random_length);
+    }
 });
 
 Account.prototype['identity_keys'] = restore_stack(function() {
@@ -140,9 +145,14 @@ Account.prototype['generate_one_time_keys'] = restore_stack(function(
         Module['_olm_account_generate_one_time_keys_random_length']
     )(this.ptr, number_of_keys);
     var random = random_stack(random_length);
-    account_method(Module['_olm_account_generate_one_time_keys'])(
-        this.ptr, number_of_keys, random, random_length
-    );
+    try {
+        account_method(Module['_olm_account_generate_one_time_keys'])(
+            this.ptr, number_of_keys, random, random_length
+        );
+    } finally {
+        // clear the random buffer
+        bzero(random, random_length);
+    }
 });
 
 Account.prototype['remove_one_time_keys'] = restore_stack(function(session) {
@@ -156,9 +166,14 @@ Account.prototype['generate_fallback_key'] = restore_stack(function() {
         Module['_olm_account_generate_fallback_key_random_length']
     )(this.ptr);
     var random = random_stack(random_length);
-    account_method(Module['_olm_account_generate_fallback_key'])(
-        this.ptr, random, random_length
-    );
+    try {
+        account_method(Module['_olm_account_generate_fallback_key'])(
+            this.ptr, random, random_length
+        );
+    } finally {
+        // clear the random buffer
+        bzero(random, random_length);
+    }
 });
 
 Account.prototype['fallback_key'] = restore_stack(function() {