From 529e359e13fea336662c20c8cf9afda03147b9fe Mon Sep 17 00:00:00 2001
From: TLINDEN <git@daemon.de>
Date: Sat, 16 Nov 2013 16:00:53 +0100
Subject: [PATCH] fixed free() bug in derivekey(), now the caller has to free
 it.

---
 libpcp/key.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/libpcp/key.c b/libpcp/key.c
index 55b33e3..09c073d 100644
--- a/libpcp/key.c
+++ b/libpcp/key.c
@@ -49,7 +49,7 @@ unsigned char *pcp_derivekey(char *passphrase) {
 
   memset(passphrase, 0, plen);
   memset(temp, 0, crypto_hash_sha256_BYTES);
-  free(passphrase);
+
   free(temp);
   free(hash32);
 
@@ -136,6 +136,7 @@ pcp_key_t *pcpkey_encrypt(pcp_key_t *key, char *passphrase) {
   }
 
   unsigned char *encryptkey = pcp_derivekey(passphrase);  
+  free(passphrase);
 
   unsigned char *encrypted;
   size_t es;
@@ -164,6 +165,8 @@ pcp_key_t *pcpkey_encrypt(pcp_key_t *key, char *passphrase) {
 
 pcp_key_t *pcpkey_decrypt(pcp_key_t *key, char *passphrase) {
   unsigned char *encryptkey = pcp_derivekey(passphrase);  
+  free(passphrase);
+
   unsigned char *decrypted;
   size_t es;