diff options
| author | Theo de Raadt <deraadt@cvs.openbsd.org> | 2017-04-18 02:29:57 +0000 |
|---|---|---|
| committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 2017-04-18 02:29:57 +0000 |
| commit | 4e3897a46ede418769e2b4af2846a0b4e98a658d (patch) | |
| tree | a08093b88bbbb7951aa2da340eb389300c1c5bc0 | |
| parent | b73e174df54e52dde3f7483276e3aec313c7391f (diff) | |
use freezero()
| -rw-r--r-- | sbin/iked/pfkey.c | 8 | ||||
| -rw-r--r-- | sbin/ipsecctl/pfkey.c | 11 | ||||
| -rw-r--r-- | usr.sbin/bgpd/pfkey.c | 11 | ||||
| -rw-r--r-- | usr.sbin/ldpd/pfkey.c | 11 | ||||
| -rw-r--r-- | usr.sbin/sasyncd/pfkey.c | 8 |
5 files changed, 18 insertions, 31 deletions
diff --git a/sbin/iked/pfkey.c b/sbin/iked/pfkey.c index 2a85b94b612..bcee41e29f3 100644 --- a/sbin/iked/pfkey.c +++ b/sbin/iked/pfkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pfkey.c,v 1.57 2017/03/27 10:29:02 reyk Exp $ */ +/* $OpenBSD: pfkey.c,v 1.58 2017/04/18 02:29:56 deraadt Exp $ */ /* * Copyright (c) 2010-2013 Reyk Floeter <reyk@openbsd.org> @@ -850,8 +850,7 @@ pfkey_sa_last_used(int sd, struct iked_childsa *sa, uint64_t *last_used) log_debug("%s: last_used %llu", __func__, *last_used); done: - explicit_bzero(data, n); - free(data); + freezero(data, n); return (ret); } @@ -958,8 +957,7 @@ pfkey_sa_getspi(int sd, uint8_t satype, struct iked_childsa *sa, log_debug("%s: spi 0x%08x", __func__, *spip); done: - explicit_bzero(data, n); - free(data); + freezero(data, n); return (ret); } diff --git a/sbin/ipsecctl/pfkey.c b/sbin/ipsecctl/pfkey.c index 4926ce8e693..6361db928c3 100644 --- a/sbin/ipsecctl/pfkey.c +++ b/sbin/ipsecctl/pfkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pfkey.c,v 1.58 2017/02/28 16:46:27 bluhm Exp $ */ +/* $OpenBSD: pfkey.c,v 1.59 2017/04/18 02:29:56 deraadt Exp $ */ /* * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org> * Copyright (c) 2003, 2004 Markus Friedl <markus@openbsd.org> @@ -775,8 +775,7 @@ pfkey_reply(int sd, u_int8_t **datap, ssize_t *lenp) err(1, "pfkey_reply: malloc"); if (read(sd, data, len) != len) { warn("PF_KEY short read"); - explicit_bzero(data, len); - free(data); + freezero(data, len); return -1; } if (datap) { @@ -784,8 +783,7 @@ pfkey_reply(int sd, u_int8_t **datap, ssize_t *lenp) if (lenp) *lenp = len; } else { - explicit_bzero(data, len); - free(data); + freezero(data, len); } if (datap == NULL && hdr.sadb_msg_errno != 0) { errno = hdr.sadb_msg_errno; @@ -1336,8 +1334,7 @@ pfkey_monitor(int opts) pfkey_monitor_sa(msg, opts); if (opts & IPSECCTL_OPT_VERBOSE) pfkey_print_raw(data, len); - explicit_bzero(data, len); - free(data); + freezero(data, len); } close(fd); return 0; diff --git a/usr.sbin/bgpd/pfkey.c b/usr.sbin/bgpd/pfkey.c index b8d200d3de5..73a7d69c978 100644 --- a/usr.sbin/bgpd/pfkey.c +++ b/usr.sbin/bgpd/pfkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pfkey.c,v 1.48 2017/03/02 19:54:22 renato Exp $ */ +/* $OpenBSD: pfkey.c,v 1.49 2017/04/18 02:29:56 deraadt Exp $ */ /* * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org> @@ -465,15 +465,13 @@ pfkey_reply(int sd, u_int32_t *spi) len = hdr.sadb_msg_len * PFKEY2_CHUNK; if (read(sd, data, len) != len) { log_warn("pfkey read"); - explicit_bzero(data, len); - free(data); + freezero(data, len); return (-1); } if (hdr.sadb_msg_type == SADB_GETSPI) { if (spi == NULL) { - explicit_bzero(data, len); - free(data); + freezero(data, len); return (0); } @@ -490,8 +488,7 @@ pfkey_reply(int sd, u_int32_t *spi) } } } - explicit_bzero(data, len); - free(data); + freezero(data, len); return (0); } diff --git a/usr.sbin/ldpd/pfkey.c b/usr.sbin/ldpd/pfkey.c index 57b8f4ac096..8e56c138b6e 100644 --- a/usr.sbin/ldpd/pfkey.c +++ b/usr.sbin/ldpd/pfkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pfkey.c,v 1.10 2016/05/23 19:11:42 renato Exp $ */ +/* $OpenBSD: pfkey.c,v 1.11 2017/04/18 02:29:56 deraadt Exp $ */ /* * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org> @@ -309,15 +309,13 @@ pfkey_reply(int sd, uint32_t *spip) len = hdr.sadb_msg_len * PFKEY2_CHUNK; if (read(sd, data, len) != len) { log_warn("pfkey read"); - explicit_bzero(data, len); - free(data); + freezero(data, len); return (-1); } if (hdr.sadb_msg_type == SADB_GETSPI) { if (spip == NULL) { - explicit_bzero(data, len); - free(data); + freezero(data, len); return (0); } @@ -334,8 +332,7 @@ pfkey_reply(int sd, uint32_t *spip) } } } - explicit_bzero(data, len); - free(data); + freezero(data, len); return (0); } diff --git a/usr.sbin/sasyncd/pfkey.c b/usr.sbin/sasyncd/pfkey.c index 000fe7f53dd..7524f8671ee 100644 --- a/usr.sbin/sasyncd/pfkey.c +++ b/usr.sbin/sasyncd/pfkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: pfkey.c,v 1.27 2016/08/27 04:21:08 guenther Exp $ */ +/* $OpenBSD: pfkey.c,v 1.28 2017/04/18 02:29:56 deraadt Exp $ */ /* * Copyright (c) 2005 Håkan Olsson. All rights reserved. @@ -497,8 +497,7 @@ pfkey_snapshot(void *v) m->sadb_msg_len * CHUNK, p->name); } } - explicit_bzero(sadb, sadbsz); - free(sadb); + freezero(sadb, sadbsz); } /* Parse SPD data */ @@ -528,8 +527,7 @@ pfkey_snapshot(void *v) } } /* Cleanup. */ - explicit_bzero(spd, spdsz); - free(spd); + freezero(spd, spdsz); } net_ctl_send_endsnap(p); |