summaryrefslogtreecommitdiff
path: root/lib/libc
diff options
context:
space:
mode:
authorDoug Hogan <doug@cvs.openbsd.org>2014-08-25 07:50:27 +0000
committerDoug Hogan <doug@cvs.openbsd.org>2014-08-25 07:50:27 +0000
commit3ce4bc0c280ae5c7531019bcad5a537825322a3c (patch)
treea710ec3b6dfae01df1435cb8cf460b5545d9edd9 /lib/libc
parentf18e11632908ef2c093163862bc584b52fe13a54 (diff)
Delete secret or secret-derived data with explicit_bzero.
concept ok deraadt@ diff looks ok tedu@
Diffstat (limited to 'lib/libc')
-rw-r--r--lib/libc/gen/auth_subr.c26
1 files changed, 13 insertions, 13 deletions
diff --git a/lib/libc/gen/auth_subr.c b/lib/libc/gen/auth_subr.c
index 398233d3f0a..cfa857c6b3d 100644
--- a/lib/libc/gen/auth_subr.c
+++ b/lib/libc/gen/auth_subr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth_subr.c,v 1.40 2014/05/25 17:47:04 tedu Exp $ */
+/* $OpenBSD: auth_subr.c,v 1.41 2014/08/25 07:50:25 doug Exp $ */
/*
* Copyright (c) 2000-2002,2004 Todd C. Miller <Todd.Miller@courtesan.com>
@@ -202,7 +202,7 @@ auth_clean(auth_session_t *as)
*/
while ((data = as->data) != NULL) {
if (as->data->len)
- memset(as->data->ptr, 0, as->data->len);
+ explicit_bzero(as->data->ptr, as->data->len);
as->data = data->next;
free(data);
}
@@ -210,7 +210,7 @@ auth_clean(auth_session_t *as)
auth_setitem(as, AUTHV_ALL, NULL);
if (as->pwd != NULL) {
- memset(as->pwd->pw_passwd, 0, strlen(as->pwd->pw_passwd));
+ explicit_bzero(as->pwd->pw_passwd, strlen(as->pwd->pw_passwd));
free(as->pwd);
as->pwd = NULL;
}
@@ -268,13 +268,13 @@ auth_close(auth_session_t *as)
*/
while ((data = as->data) != NULL) {
if (as->data->len)
- memset(as->data->ptr, 0, as->data->len);
+ explicit_bzero(as->data->ptr, as->data->len);
as->data = data->next;
free(data);
}
if (as->pwd != NULL) {
- memset(as->pwd->pw_passwd, 0, strlen(as->pwd->pw_passwd));
+ explicit_bzero(as->pwd->pw_passwd, strlen(as->pwd->pw_passwd));
free(as->pwd);
as->pwd = NULL;
}
@@ -644,7 +644,7 @@ auth_setpwd(auth_session_t *as, struct passwd *pwd)
if ((pwd = pw_dup(pwd)) == NULL)
return (-1); /* true failure */
if (as->pwd) {
- memset(as->pwd->pw_passwd, 0, strlen(as->pwd->pw_passwd));
+ explicit_bzero(as->pwd->pw_passwd, strlen(as->pwd->pw_passwd));
free(as->pwd);
}
as->pwd = pwd;
@@ -828,11 +828,11 @@ auth_call(auth_session_t *as, char *path, ...)
if (argc >= Nargc - 1 && _auth_next_arg(as)) {
if (memcmp(&nilap, &(as->ap0), sizeof(nilap)) != 0) {
va_end(as->ap0);
- memset(&(as->ap0), 0, sizeof(as->ap0));
+ explicit_bzero(&(as->ap0), sizeof(as->ap0));
}
if (memcmp(&nilap, &(as->ap), sizeof(nilap)) != 0) {
va_end(as->ap);
- memset(&(as->ap), 0, sizeof(as->ap));
+ explicit_bzero(&(as->ap), sizeof(as->ap));
}
syslog(LOG_ERR, "too many arguments");
goto fail;
@@ -883,7 +883,7 @@ auth_call(auth_session_t *as, char *path, ...)
as->data = data->next;
if (data->len > 0) {
write(pfd[0], data->ptr, data->len);
- memset(data->ptr, 0, data->len);
+ explicit_bzero(data->ptr, data->len);
}
free(data);
}
@@ -977,12 +977,12 @@ fail:
if (memcmp(&nilap, &(as->ap0), sizeof(nilap)) != 0) {
va_end(as->ap0);
- memset(&(as->ap0), 0, sizeof(as->ap0));
+ explicit_bzero(&(as->ap0), sizeof(as->ap0));
}
if (memcmp(&nilap, &(as->ap), sizeof(nilap)) != 0) {
va_end(as->ap);
- memset(&(as->ap), 0, sizeof(as->ap));
+ explicit_bzero(&(as->ap), sizeof(as->ap));
}
return (okay);
}
@@ -1088,13 +1088,13 @@ _auth_next_arg(auth_session_t *as)
if ((arg = va_arg(as->ap0, char *)) != NULL)
return (arg);
va_end(as->ap0);
- memset(&(as->ap0), 0, sizeof(as->ap0));
+ explicit_bzero(&(as->ap0), sizeof(as->ap0));
}
if (memcmp(&nilap, &(as->ap), sizeof(nilap)) != 0) {
if ((arg = va_arg(as->ap, char *)) != NULL)
return (arg);
va_end(as->ap);
- memset(&(as->ap), 0, sizeof(as->ap));
+ explicit_bzero(&(as->ap), sizeof(as->ap));
}
return (NULL);
}