From 5d0c163b372a38f0500e0f768d923a9a27b492b7 Mon Sep 17 00:00:00 2001
From: Adam Langley <agl@google.com>
Date: Wed, 24 Sep 2014 15:17:09 -0700
Subject: [PATCH] Also clean the last byte of the PSK identity.

Patch by Alex Kljubin.

Change-Id: Ieec830dce11b501aaa82f03c82ff04c3cdde41e1
Reviewed-on: https://boringssl-review.googlesource.com/1831
Reviewed-by: Adam Langley <agl@google.com>
---
 ssl/s3_clnt.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/ssl/s3_clnt.c b/ssl/s3_clnt.c
index cb9f95fe..58c0f414 100644
--- a/ssl/s3_clnt.c
+++ b/ssl/s3_clnt.c
@@ -1959,7 +1959,7 @@ int ssl3_send_client_key_exchange(SSL *s)
 				}
 			psk_err = 0;
 		psk_err:
-			OPENSSL_cleanse(identity, PSK_MAX_IDENTITY_LEN);
+			OPENSSL_cleanse(identity, sizeof(identity));
 			OPENSSL_cleanse(pre_ms, sizeof(pre_ms));
 			if (psk_err != 0)
 				{