authorDarren Tucker <dtucker@cvs.openbsd.org>2014-07-25 21:22:04 +0000
committerDarren Tucker <dtucker@cvs.openbsd.org>2014-07-25 21:22:04 +0000
commit414a503c4191c6889d7a6f558ce466de1b6fbcc1 (patch)
treeeef52a7a4eb3d4eee6b0f16fa03dd91b4c4d759c /usr.bin/ssh/ssh-agent.c
parent1107bc53735e78cf45502369a652bf945550be03 (diff)
Clear buffer used for handling messages. This prevents keys being
left in memory after they have been expired or deleted in some cases (but note that ssh-agent is setgid so you would still need root to access them). Pointed out by Kevin Burns, ok deraadt
Diffstat (limited to 'usr.bin/ssh/ssh-agent.c')
-rw-r--r--usr.bin/ssh/ssh-agent.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/usr.bin/ssh/ssh-agent.c b/usr.bin/ssh/ssh-agent.c
index 9d0a2c6ac0b..37841752bc0 100644
--- a/usr.bin/ssh/ssh-agent.c
+++ b/usr.bin/ssh/ssh-agent.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-agent.c,v 1.189 2014/07/18 02:46:01 djm Exp $ */
+/* $OpenBSD: ssh-agent.c,v 1.190 2014/07/25 21:22:03 dtucker Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -953,6 +953,7 @@ after_select(fd_set *readset, fd_set *writeset)
break;
}
buffer_append(&sockets[i].input, buf, len);
+ explicit_bzero(buf, sizeof(buf));
process_message(&sockets[i]);
}
break;
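Review bot: The wipe on the added line covers only the stack staging array `buf`; the same bytes were just copied into `sockets[i].input` by `buffer_append()`, and nothing visible in this hunk clears that copy after `process_message()` has consumed it. Whether consumed input is zeroed depends on the buffer code outside this diff, so it is worth confirming; otherwise the key material the commit message is concerned with could presumably still linger in heap memory. I would also add a one-line comment above the call, e.g. `/* buf may hold private key material; wipe the stack copy once it is queued */`, so the call is not later dropped as redundant. `after_select()` starts and ends outside the hunk, so the read and the `len <= 0` path before it are only partly visible.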