summaryrefslogtreecommitdiff
path: root/sbin/ipsecctl
diff options
context:
space:
mode:
authormmcc <mmcc@cvs.openbsd.org>2015-10-18 02:30:54 +0000
committermmcc <mmcc@cvs.openbsd.org>2015-10-18 02:30:54 +0000
commite8c13c873255c8933830f430dd106b92ee2a1d1a (patch)
tree7d5c899b442094c5b149225c513bb1a8fbb807a3 /sbin/ipsecctl
parent53e42bf5a8b8e0dfbd8ea3901a15a08d2c576eba (diff)
Use explicit_bzero() when the memory is freed directly afterward.
ok deraadt@
Diffstat (limited to 'sbin/ipsecctl')
-rw-r--r--sbin/ipsecctl/pfkey.c8
1 files changed, 4 insertions, 4 deletions
diff --git a/sbin/ipsecctl/pfkey.c b/sbin/ipsecctl/pfkey.c
index 6761fa848ec..d14f1e5cc20 100644
--- a/sbin/ipsecctl/pfkey.c
+++ b/sbin/ipsecctl/pfkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pfkey.c,v 1.54 2014/11/03 03:22:22 deraadt Exp $ */
+/* $OpenBSD: pfkey.c,v 1.55 2015/10/18 02:30:53 mmcc Exp $ */
/*
* Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
* Copyright (c) 2003, 2004 Markus Friedl <markus@openbsd.org>
@@ -780,7 +780,7 @@ pfkey_reply(int sd, u_int8_t **datap, ssize_t *lenp)
err(1, "pfkey_reply: malloc");
if (read(sd, data, len) != len) {
warn("PF_KEY short read");
- bzero(data, len);
+ explicit_bzero(data, len);
free(data);
return -1;
}
@@ -789,7 +789,7 @@ pfkey_reply(int sd, u_int8_t **datap, ssize_t *lenp)
if (lenp)
*lenp = len;
} else {
- bzero(data, len);
+ explicit_bzero(data, len);
free(data);
}
if (datap == NULL && hdr.sadb_msg_errno != 0) {
@@ -1341,7 +1341,7 @@ pfkey_monitor(int opts)
pfkey_monitor_sa(msg, opts);
if (opts & IPSECCTL_OPT_VERBOSE)
pfkey_print_raw(data, len);
- memset(data, 0, len);
+ explicit_bzero(data, len);
free(data);
}
close(fd);
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-22 23:55:00 +0000