# Prevent gdbm from storing uninitialized memory content
# to database files. This patch improves security, as the
# uninitialized memory might contain sensitive informations
# from other applications.
# https://bugzilla.redhat.com/show_bug.cgi?id=4457
# http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=208927

--- src/falloc.c.zeroheaders	2011-11-11 11:59:11.000000000 +0100
+++ src/falloc.c	2011-11-14 17:34:32.487604027 +0100
@@ -255,7 +255,7 @@ push_avail_block (GDBM_FILE dbf)


   /* Split the header block. */
-  temp = (avail_block *) malloc (av_size);
+  temp = (avail_block *) calloc (1, av_size);
   if (temp == NULL) _gdbm_fatal (dbf, _("malloc error"));
   /* Set the size to be correct AFTER the pop_avail_block. */
   temp->size = dbf->header->avail.size;
--- src/gdbmopen.c.zeroheaders	2011-11-11 19:39:42.000000000 +0100
+++ src/gdbmopen.c	2011-11-14 17:33:24.867608650 +0100
@@ -264,7 +264,7 @@ gdbm_open (const char *file, int block_s
	(dbf->header->block_size - sizeof (hash_bucket))
	/ sizeof (bucket_element) + 1;
       dbf->header->bucket_size  = dbf->header->block_size;
-      dbf->bucket = (hash_bucket *) malloc (dbf->header->bucket_size);
+      dbf->bucket = (hash_bucket *) calloc (1, dbf->header->bucket_size);
       if (dbf->bucket == NULL)
	{
	  gdbm_close (dbf);
@@ -456,7 +456,7 @@ _gdbm_init_cache(GDBM_FILE dbf, size_t s
       for(index = 0; index < size; index++)
         {
           (dbf->bucket_cache[index]).ca_bucket
-            = (hash_bucket *) malloc (dbf->header->bucket_size);
+            = (hash_bucket *) calloc (1, dbf->header->bucket_size);
           if ((dbf->bucket_cache[index]).ca_bucket == NULL)
	    {
               gdbm_errno = GDBM_MALLOC_ERROR;