diff options
| author | Damien Miller <djm@cvs.openbsd.org> | 2016-01-12 23:42:55 +0000 |
|---|---|---|
| committer | Damien Miller <djm@cvs.openbsd.org> | 2016-01-12 23:42:55 +0000 |
| commit | cdc3dddce62a407970e72aab65fc28825c41585e (patch) | |
| tree | 60a2d4e99d69a5d94cb5898b88808202ed7a3cfd /usr.bin/ssh | |
| parent | 3d5c344fff1f36da66bfb827bc53cab5ebaea055 (diff) | |
use explicit_bzero() more liberally in the buffer code; ok deraadt
Diffstat (limited to 'usr.bin/ssh')
| -rw-r--r-- | usr.bin/ssh/sshbuf-getput-crypto.c | 12 | ||||
| -rw-r--r-- | usr.bin/ssh/sshbuf.c | 10 |
2 files changed, 11 insertions, 11 deletions
diff --git a/usr.bin/ssh/sshbuf-getput-crypto.c b/usr.bin/ssh/sshbuf-getput-crypto.c index aa2a9221d0b..e90f5ba8e6c 100644 --- a/usr.bin/ssh/sshbuf-getput-crypto.c +++ b/usr.bin/ssh/sshbuf-getput-crypto.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshbuf-getput-crypto.c,v 1.4 2015/01/14 15:02:39 djm Exp $ */ +/* $OpenBSD: sshbuf-getput-crypto.c,v 1.5 2016/01/12 23:42:54 djm Exp $ */ /* * Copyright (c) 2011 Damien Miller * @@ -152,10 +152,10 @@ sshbuf_put_bignum2(struct sshbuf *buf, const BIGNUM *v) if (len > 0 && (d[1] & 0x80) != 0) prepend = 1; if ((r = sshbuf_put_string(buf, d + 1 - prepend, len + prepend)) < 0) { - bzero(d, sizeof(d)); + explicit_bzero(d, sizeof(d)); return r; } - bzero(d, sizeof(d)); + explicit_bzero(d, sizeof(d)); return 0; } @@ -171,13 +171,13 @@ sshbuf_put_bignum1(struct sshbuf *buf, const BIGNUM *v) if (BN_bn2bin(v, d) != (int)len_bytes) return SSH_ERR_INTERNAL_ERROR; /* Shouldn't happen */ if ((r = sshbuf_reserve(buf, len_bytes + 2, &dp)) < 0) { - bzero(d, sizeof(d)); + explicit_bzero(d, sizeof(d)); return r; } POKE_U16(dp, len_bits); if (len_bytes != 0) memcpy(dp + 2, d, len_bytes); - bzero(d, sizeof(d)); + explicit_bzero(d, sizeof(d)); return 0; } @@ -203,7 +203,7 @@ sshbuf_put_ec(struct sshbuf *buf, const EC_POINT *v, const EC_GROUP *g) } BN_CTX_free(bn_ctx); ret = sshbuf_put_string(buf, d, len); - bzero(d, len); + explicit_bzero(d, len); return ret; } diff --git a/usr.bin/ssh/sshbuf.c b/usr.bin/ssh/sshbuf.c index 3c49d7f127e..5b122ebc111 100644 --- a/usr.bin/ssh/sshbuf.c +++ b/usr.bin/ssh/sshbuf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshbuf.c,v 1.5 2015/12/11 04:21:12 mmcc Exp $ */ +/* $OpenBSD: sshbuf.c,v 1.6 2016/01/12 23:42:54 djm Exp $ */ /* * Copyright (c) 2011 Damien Miller * @@ -132,7 +132,7 @@ sshbuf_fromb(struct sshbuf *buf) void sshbuf_init(struct sshbuf *ret) { - bzero(ret, sizeof(*ret)); + explicit_bzero(ret, sizeof(*ret)); ret->alloc = SSHBUF_SIZE_INIT; ret->max_size = SSHBUF_SIZE_MAX; ret->readonly = 0; @@ -176,7 +176,7 @@ sshbuf_free(struct sshbuf *buf) explicit_bzero(buf->d, buf->alloc); free(buf->d); } - bzero(buf, sizeof(*buf)); + explicit_bzero(buf, sizeof(*buf)); if (!dont_free) free(buf); } @@ -192,7 +192,7 @@ sshbuf_reset(struct sshbuf *buf) return; } if (sshbuf_check_sanity(buf) == 0) - bzero(buf->d, buf->alloc); + explicit_bzero(buf->d, buf->alloc); buf->off = buf->size = 0; if (buf->alloc != SSHBUF_SIZE_INIT) { if ((d = realloc(buf->d, SSHBUF_SIZE_INIT)) != NULL) { @@ -251,7 +251,7 @@ sshbuf_set_max_size(struct sshbuf *buf, size_t max_size) rlen = roundup(buf->size, SSHBUF_SIZE_INC); if (rlen > max_size) rlen = max_size; - bzero(buf->d + buf->size, buf->alloc - buf->size); + explicit_bzero(buf->d + buf->size, buf->alloc - buf->size); SSHBUF_DBG(("new alloc = %zu", rlen)); if ((dp = realloc(buf->d, rlen)) == NULL) return SSH_ERR_ALLOC_FAIL; |