From cf8265402f491ec80e9881d24dc1b8204ae8cdfc Mon Sep 17 00:00:00 2001
From: Michael Rosenberg <michael@mrosenberg.pub>
Date: Fri, 5 Jul 2024 11:09:13 -0400
Subject: [PATCH] Added zeroization to deserialization too

---
 crates/bonsaidb-local/src/hpke_util.rs | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)

diff --git a/crates/bonsaidb-local/src/hpke_util.rs b/crates/bonsaidb-local/src/hpke_util.rs
index 5426677928..0f90fc8a6a 100644
--- a/crates/bonsaidb-local/src/hpke_util.rs
+++ b/crates/bonsaidb-local/src/hpke_util.rs
@@ -39,10 +39,12 @@ macro_rules! impl_serde {
             pub(crate) fn deserialize<'de, D: Deserializer<'de>>(
                 deserializer: D,
             ) -> Result<$t, D::Error> {
-                let arr = GenericArray::<u8, <$t as Serializable>::OutputSize>::deserialize(
+                let mut arr = GenericArray::<u8, <$t as Serializable>::OutputSize>::deserialize(
                     deserializer,
                 )?;
-                <$t>::from_bytes(&arr).map_err(D::Error::custom)
+                let ret = <$t>::from_bytes(&arr).map_err(D::Error::custom);
+                arr.zeroize();
+                ret
             }
         }
     };