summaryrefslogtreecommitdiff
path: root/usr.bin/ssh
diff options
context:
space:
mode:
authorJonathan Gray <jsg@cvs.openbsd.org>2020-02-26 13:40:10 +0000
committerJonathan Gray <jsg@cvs.openbsd.org>2020-02-26 13:40:10 +0000
commit7d9906cf5784b21f9d2afab98129af86715d51d8 (patch)
tree1d38bfb6ebb0674052bf0164b7d957d5def05464 /usr.bin/ssh
parentfb45ee0a45364eeff0ab5dbbff8f2fd9f27266f9 (diff)
change explicit_bzero();free() to freezero()
While freezero() returns early if the pointer is NULL the tests for NULL in callers are left to avoid warnings about passing an uninitialised size argument across a function boundry. ok deraadt@ djm@
Diffstat (limited to 'usr.bin/ssh')
-rw-r--r--usr.bin/ssh/auth-options.c5
-rw-r--r--usr.bin/ssh/auth2-chall.c5
-rw-r--r--usr.bin/ssh/auth2-passwd.c5
-rw-r--r--usr.bin/ssh/authfd.c8
-rw-r--r--usr.bin/ssh/channels.c11
-rw-r--r--usr.bin/ssh/cipher.c8
-rw-r--r--usr.bin/ssh/clientloop.c5
-rw-r--r--usr.bin/ssh/digest-libc.c5
-rw-r--r--usr.bin/ssh/hmac.c5
-rw-r--r--usr.bin/ssh/hostfile.c5
-rw-r--r--usr.bin/ssh/kex.c5
-rw-r--r--usr.bin/ssh/monitor.c5
-rw-r--r--usr.bin/ssh/ssh-add.c11
-rw-r--r--usr.bin/ssh/ssh-agent.c5
-rw-r--r--usr.bin/ssh/ssh-dss.c8
-rw-r--r--usr.bin/ssh/ssh-ed25519-sk.c8
-rw-r--r--usr.bin/ssh/ssh-ed25519.c20
-rw-r--r--usr.bin/ssh/ssh-keygen.c26
-rw-r--r--usr.bin/ssh/ssh-xmss.c20
-rw-r--r--usr.bin/ssh/sshbuf-misc.c11
-rw-r--r--usr.bin/ssh/sshbuf.c5
-rw-r--r--usr.bin/ssh/sshkey.c44
-rw-r--r--usr.bin/ssh/umac.c5
23 files changed, 86 insertions, 149 deletions
diff --git a/usr.bin/ssh/auth-options.c b/usr.bin/ssh/auth-options.c
index d2a0bc9d487..d01fbf7c793 100644
--- a/usr.bin/ssh/auth-options.c
+++ b/usr.bin/ssh/auth-options.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth-options.c,v 1.90 2019/11/25 00:54:23 djm Exp $ */
+/* $OpenBSD: auth-options.c,v 1.91 2020/02/26 13:40:09 jsg Exp $ */
/*
* Copyright (c) 2018 Damien Miller <djm@mindrot.org>
*
@@ -219,8 +219,7 @@ sshauthopt_free(struct sshauthopt *opts)
free(opts->permitlisten[i]);
free(opts->permitlisten);
- explicit_bzero(opts, sizeof(*opts));
- free(opts);
+ freezero(opts, sizeof(*opts));
}
struct sshauthopt *
diff --git a/usr.bin/ssh/auth2-chall.c b/usr.bin/ssh/auth2-chall.c
index 01493ff099f..b5f3d6c8629 100644
--- a/usr.bin/ssh/auth2-chall.c
+++ b/usr.bin/ssh/auth2-chall.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-chall.c,v 1.52 2019/11/13 04:47:52 deraadt Exp $ */
+/* $OpenBSD: auth2-chall.c,v 1.53 2020/02/26 13:40:09 jsg Exp $ */
/*
* Copyright (c) 2001 Markus Friedl. All rights reserved.
* Copyright (c) 2001 Per Allansson. All rights reserved.
@@ -108,8 +108,7 @@ kbdint_free(KbdintAuthctxt *kbdintctxt)
if (kbdintctxt->device)
kbdint_reset_device(kbdintctxt);
free(kbdintctxt->devices);
- explicit_bzero(kbdintctxt, sizeof(*kbdintctxt));
- free(kbdintctxt);
+ freezero(kbdintctxt, sizeof(*kbdintctxt));
}
/* get next device */
static int
diff --git a/usr.bin/ssh/auth2-passwd.c b/usr.bin/ssh/auth2-passwd.c
index 2c13bb3c975..a19e29ed63b 100644
--- a/usr.bin/ssh/auth2-passwd.c
+++ b/usr.bin/ssh/auth2-passwd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-passwd.c,v 1.17 2019/09/06 04:53:27 djm Exp $ */
+/* $OpenBSD: auth2-passwd.c,v 1.18 2020/02/26 13:40:09 jsg Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
*
@@ -64,8 +64,7 @@ userauth_passwd(struct ssh *ssh)
logit("password change not supported");
else if (PRIVSEP(auth_password(ssh, password)) == 1)
authenticated = 1;
- explicit_bzero(password, len);
- free(password);
+ freezero(password, len);
return authenticated;
}
diff --git a/usr.bin/ssh/authfd.c b/usr.bin/ssh/authfd.c
index 201c0c89586..81a444ce6f3 100644
--- a/usr.bin/ssh/authfd.c
+++ b/usr.bin/ssh/authfd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: authfd.c,v 1.121 2019/12/21 02:19:13 djm Exp $ */
+/* $OpenBSD: authfd.c,v 1.122 2020/02/26 13:40:09 jsg Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -560,10 +560,8 @@ ssh_remove_identity(int sock, struct sshkey *key)
goto out;
r = decode_reply(type);
out:
- if (blob != NULL) {
- explicit_bzero(blob, blen);
- free(blob);
- }
+ if (blob != NULL)
+ freezero(blob, blen);
sshbuf_free(msg);
return r;
}
diff --git a/usr.bin/ssh/channels.c b/usr.bin/ssh/channels.c
index 41a18f71c62..d321a0d4126 100644
--- a/usr.bin/ssh/channels.c
+++ b/usr.bin/ssh/channels.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: channels.c,v 1.395 2020/01/25 06:40:20 djm Exp $ */
+/* $OpenBSD: channels.c,v 1.396 2020/02/26 13:40:09 jsg Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -615,14 +615,12 @@ channel_free(struct ssh *ssh, Channel *c)
if (cc->abandon_cb != NULL)
cc->abandon_cb(ssh, c, cc->ctx);
TAILQ_REMOVE(&c->status_confirms, cc, entry);
- explicit_bzero(cc, sizeof(*cc));
- free(cc);
+ freezero(cc, sizeof(*cc));
}
if (c->filter_cleanup != NULL && c->filter_ctx != NULL)
c->filter_cleanup(ssh, c->self, c->filter_ctx);
sc->channels[c->self] = NULL;
- explicit_bzero(c, sizeof(*c));
- free(c);
+ freezero(c, sizeof(*c));
}
void
@@ -3262,8 +3260,7 @@ channel_input_status_confirm(int type, u_int32_t seq, struct ssh *ssh)
return 0;
cc->cb(ssh, type, c, cc->ctx);
TAILQ_REMOVE(&c->status_confirms, cc, entry);
- explicit_bzero(cc, sizeof(*cc));
- free(cc);
+ freezero(cc, sizeof(*cc));
return 0;
}
diff --git a/usr.bin/ssh/cipher.c b/usr.bin/ssh/cipher.c
index 714d4591554..3f497e9585d 100644
--- a/usr.bin/ssh/cipher.c
+++ b/usr.bin/ssh/cipher.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: cipher.c,v 1.114 2020/01/23 10:24:29 dtucker Exp $ */
+/* $OpenBSD: cipher.c,v 1.115 2020/02/26 13:40:09 jsg Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -320,8 +320,7 @@ cipher_init(struct sshcipher_ctx **ccp, const struct sshcipher *cipher,
#ifdef WITH_OPENSSL
EVP_CIPHER_CTX_free(cc->evp);
#endif /* WITH_OPENSSL */
- explicit_bzero(cc, sizeof(*cc));
- free(cc);
+ freezero(cc, sizeof(*cc));
}
}
return ret;
@@ -426,8 +425,7 @@ cipher_free(struct sshcipher_ctx *cc)
EVP_CIPHER_CTX_free(cc->evp);
cc->evp = NULL;
#endif
- explicit_bzero(cc, sizeof(*cc));
- free(cc);
+ freezero(cc, sizeof(*cc));
}
/*
diff --git a/usr.bin/ssh/clientloop.c b/usr.bin/ssh/clientloop.c
index 9e68bae6957..3873ec99cdb 100644
--- a/usr.bin/ssh/clientloop.c
+++ b/usr.bin/ssh/clientloop.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: clientloop.c,v 1.341 2020/02/26 01:31:47 dtucker Exp $ */
+/* $OpenBSD: clientloop.c,v 1.342 2020/02/26 13:40:09 jsg Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -466,8 +466,7 @@ client_global_request_reply(int type, u_int32_t seq, struct ssh *ssh)
gc->cb(ssh, type, seq, gc->ctx);
if (--gc->ref_count <= 0) {
TAILQ_REMOVE(&global_confirms, gc, entry);
- explicit_bzero(gc, sizeof(*gc));
- free(gc);
+ freezero(gc, sizeof(*gc));
}
ssh_packet_set_alive_timeouts(ssh, 0);
diff --git a/usr.bin/ssh/digest-libc.c b/usr.bin/ssh/digest-libc.c
index 6bf773bb403..b071e6adaa7 100644
--- a/usr.bin/ssh/digest-libc.c
+++ b/usr.bin/ssh/digest-libc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: digest-libc.c,v 1.6 2017/05/08 22:57:38 djm Exp $ */
+/* $OpenBSD: digest-libc.c,v 1.7 2020/02/26 13:40:09 jsg Exp $ */
/*
* Copyright (c) 2013 Damien Miller <djm@mindrot.org>
* Copyright (c) 2014 Markus Friedl. All rights reserved.
@@ -220,8 +220,7 @@ ssh_digest_free(struct ssh_digest_ctx *ctx)
if (digest) {
explicit_bzero(ctx->mdctx, digest->ctx_len);
free(ctx->mdctx);
- explicit_bzero(ctx, sizeof(*ctx));
- free(ctx);
+ freezero(ctx, sizeof(*ctx));
}
}
}
diff --git a/usr.bin/ssh/hmac.c b/usr.bin/ssh/hmac.c
index bb6fd6200bd..9f6225d045a 100644
--- a/usr.bin/ssh/hmac.c
+++ b/usr.bin/ssh/hmac.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: hmac.c,v 1.13 2019/09/06 04:53:27 djm Exp $ */
+/* $OpenBSD: hmac.c,v 1.14 2020/02/26 13:40:09 jsg Exp $ */
/*
* Copyright (c) 2014 Markus Friedl. All rights reserved.
*
@@ -128,8 +128,7 @@ ssh_hmac_free(struct ssh_hmac_ctx *ctx)
explicit_bzero(ctx->buf, ctx->buf_len);
free(ctx->buf);
}
- explicit_bzero(ctx, sizeof(*ctx));
- free(ctx);
+ freezero(ctx, sizeof(*ctx));
}
}
diff --git a/usr.bin/ssh/hostfile.c b/usr.bin/ssh/hostfile.c
index e4224804c81..1ec86f324aa 100644
--- a/usr.bin/ssh/hostfile.c
+++ b/usr.bin/ssh/hostfile.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: hostfile.c,v 1.77 2020/01/25 00:21:08 djm Exp $ */
+/* $OpenBSD: hostfile.c,v 1.78 2020/02/26 13:40:09 jsg Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -296,8 +296,7 @@ free_hostkeys(struct hostkeys *hostkeys)
explicit_bzero(hostkeys->entries + i, sizeof(*hostkeys->entries));
}
free(hostkeys->entries);
- explicit_bzero(hostkeys, sizeof(*hostkeys));
- free(hostkeys);
+ freezero(hostkeys, sizeof(*hostkeys));
}
static int
diff --git a/usr.bin/ssh/kex.c b/usr.bin/ssh/kex.c
index 3f12dbce16f..baacdead81b 100644
--- a/usr.bin/ssh/kex.c
+++ b/usr.bin/ssh/kex.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: kex.c,v 1.156 2020/01/23 10:24:29 dtucker Exp $ */
+/* $OpenBSD: kex.c,v 1.157 2020/02/26 13:40:09 jsg Exp $ */
/*
* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
*
@@ -657,8 +657,7 @@ kex_free_newkeys(struct newkeys *newkeys)
}
free(newkeys->mac.name);
explicit_bzero(&newkeys->mac, sizeof(newkeys->mac));
- explicit_bzero(newkeys, sizeof(*newkeys));
- free(newkeys);
+ freezero(newkeys, sizeof(*newkeys));
}
void
diff --git a/usr.bin/ssh/monitor.c b/usr.bin/ssh/monitor.c
index b0a4a5e53d1..bbdde37f260 100644
--- a/usr.bin/ssh/monitor.c
+++ b/usr.bin/ssh/monitor.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor.c,v 1.208 2020/02/06 22:30:54 naddy Exp $ */
+/* $OpenBSD: monitor.c,v 1.209 2020/02/26 13:40:09 jsg Exp $ */
/*
* Copyright 2002 Niels Provos <provos@citi.umich.edu>
* Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -789,8 +789,7 @@ mm_answer_authpassword(struct ssh *ssh, int sock, struct sshbuf *m)
/* Only authenticate if the context is valid */
authenticated = options.password_authentication &&
auth_password(ssh, passwd);
- explicit_bzero(passwd, plen);
- free(passwd);
+ freezero(passwd, plen);
sshbuf_reset(m);
if ((r = sshbuf_put_u32(m, authenticated)) != 0)
diff --git a/usr.bin/ssh/ssh-add.c b/usr.bin/ssh/ssh-add.c
index eac8fafb946..a4c04317449 100644
--- a/usr.bin/ssh/ssh-add.c
+++ b/usr.bin/ssh/ssh-add.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-add.c,v 1.153 2020/02/18 08:58:33 dtucker Exp $ */
+/* $OpenBSD: ssh-add.c,v 1.154 2020/02/26 13:40:09 jsg Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -98,8 +98,7 @@ static void
clear_pass(void)
{
if (pass) {
- explicit_bzero(pass, strlen(pass));
- free(pass);
+ freezero(pass, strlen(pass));
pass = NULL;
}
}
@@ -514,8 +513,7 @@ lock_agent(int agent_fd, int lock)
fprintf(stderr, "Passwords do not match.\n");
passok = 0;
}
- explicit_bzero(p2, strlen(p2));
- free(p2);
+ freezero(p2, strlen(p2));
}
if (passok) {
if ((r = ssh_lock_agent(agent_fd, lock, p1)) == 0) {
@@ -526,8 +524,7 @@ lock_agent(int agent_fd, int lock)
lock ? "" : "un", ssh_err(r));
}
}
- explicit_bzero(p1, strlen(p1));
- free(p1);
+ freezero(p1, strlen(p1));
return (ret);
}
diff --git a/usr.bin/ssh/ssh-agent.c b/usr.bin/ssh/ssh-agent.c
index 3e0bc1dec83..299160155e4 100644
--- a/usr.bin/ssh/ssh-agent.c
+++ b/usr.bin/ssh/ssh-agent.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-agent.c,v 1.255 2020/02/06 22:30:54 naddy Exp $ */
+/* $OpenBSD: ssh-agent.c,v 1.256 2020/02/26 13:40:09 jsg Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -606,8 +606,7 @@ process_lock_agent(SocketEntry *e, int lock)
fatal("bcrypt_pbkdf");
success = 1;
}
- explicit_bzero(passwd, pwlen);
- free(passwd);
+ freezero(passwd, pwlen);
send_status(e, success);
}
diff --git a/usr.bin/ssh/ssh-dss.c b/usr.bin/ssh/ssh-dss.c
index 358d7cc017e..c54bfd3620c 100644
--- a/usr.bin/ssh/ssh-dss.c
+++ b/usr.bin/ssh/ssh-dss.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-dss.c,v 1.38 2018/09/13 02:08:33 djm Exp $ */
+/* $OpenBSD: ssh-dss.c,v 1.39 2020/02/26 13:40:09 jsg Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
*
@@ -192,9 +192,7 @@ ssh_dss_verify(const struct sshkey *key,
BN_clear_free(sig_s);
sshbuf_free(b);
free(ktype);
- if (sigblob != NULL) {
- explicit_bzero(sigblob, len);
- free(sigblob);
- }
+ if (sigblob != NULL)
+ freezero(sigblob, len);
return ret;
}
diff --git a/usr.bin/ssh/ssh-ed25519-sk.c b/usr.bin/ssh/ssh-ed25519-sk.c
index 89bf479dc21..44ce9ec591c 100644
--- a/usr.bin/ssh/ssh-ed25519-sk.c
+++ b/usr.bin/ssh/ssh-ed25519-sk.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-ed25519-sk.c,v 1.4 2019/11/26 03:04:27 djm Exp $ */
+/* $OpenBSD: ssh-ed25519-sk.c,v 1.5 2020/02/26 13:40:09 jsg Exp $ */
/*
* Copyright (c) 2019 Markus Friedl. All rights reserved.
*
@@ -152,10 +152,8 @@ ssh_ed25519_sk_verify(const struct sshkey *key,
details = NULL;
}
out:
- if (m != NULL) {
- explicit_bzero(m, smlen); /* NB mlen may be invalid if r != 0 */
- free(m);
- }
+ if (m != NULL)
+ freezero(m, smlen); /* NB mlen may be invalid if r != 0 */
sshkey_sig_details_free(details);
sshbuf_free(b);
sshbuf_free(encoded);
diff --git a/usr.bin/ssh/ssh-ed25519.c b/usr.bin/ssh/ssh-ed25519.c
index e309d876b3b..0c86f9a2b7e 100644
--- a/usr.bin/ssh/ssh-ed25519.c
+++ b/usr.bin/ssh/ssh-ed25519.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-ed25519.c,v 1.7 2016/04/21 06:08:02 djm Exp $ */
+/* $OpenBSD: ssh-ed25519.c,v 1.8 2020/02/26 13:40:09 jsg Exp $ */
/*
* Copyright (c) 2013 Markus Friedl <markus@openbsd.org>
*
@@ -80,10 +80,8 @@ ssh_ed25519_sign(const struct sshkey *key, u_char **sigp, size_t *lenp,
r = 0;
out:
sshbuf_free(b);
- if (sig != NULL) {
- explicit_bzero(sig, slen);
- free(sig);
- }
+ if (sig != NULL)
+ freezero(sig, slen);
return r;
}
@@ -150,14 +148,10 @@ ssh_ed25519_verify(const struct sshkey *key,
/* success */
r = 0;
out:
- if (sm != NULL) {
- explicit_bzero(sm, smlen);
- free(sm);
- }
- if (m != NULL) {
- explicit_bzero(m, smlen); /* NB mlen may be invalid if r != 0 */
- free(m);
- }
+ if (sm != NULL)
+ freezero(sm, smlen);
+ if (m != NULL)
+ freezero(m, smlen); /* NB mlen may be invalid if r != 0 */
sshbuf_free(b);
free(ktype);
return r;
diff --git a/usr.bin/ssh/ssh-keygen.c b/usr.bin/ssh/ssh-keygen.c
index 86b2308d8d5..2564e130261 100644
--- a/usr.bin/ssh/ssh-keygen.c
+++ b/usr.bin/ssh/ssh-keygen.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keygen.c,v 1.398 2020/02/07 03:27:54 djm Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.399 2020/02/26 13:40:09 jsg Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -315,8 +315,7 @@ load_identity(const char *filename, char **commentp)
else
pass = read_passphrase("Enter passphrase: ", RP_ALLOW_STDIN);
r = sshkey_load_private(filename, pass, &prv, commentp);
- explicit_bzero(pass, strlen(pass));
- free(pass);
+ freezero(pass, strlen(pass));
if (r != 0)
fatal("Load key \"%s\": %s", filename, ssh_err(r));
return prv;
@@ -1402,8 +1401,7 @@ do_change_passphrase(struct passwd *pw)
RP_ALLOW_STDIN);
r = sshkey_load_private(identity_file, old_passphrase,
&private, &comment);
- explicit_bzero(old_passphrase, strlen(old_passphrase));
- free(old_passphrase);
+ freezero(old_passphrase, strlen(old_passphrase));
if (r != 0)
goto badkey;
} else if (r != 0) {
@@ -1434,8 +1432,7 @@ do_change_passphrase(struct passwd *pw)
exit(1);
}
/* Destroy the other copy. */
- explicit_bzero(passphrase2, strlen(passphrase2));
- free(passphrase2);
+ freezero(passphrase2, strlen(passphrase2));
}
/* Save the file using the new passphrase. */
@@ -1443,15 +1440,13 @@ do_change_passphrase(struct passwd *pw)
comment, private_key_format, openssh_format_cipher, rounds)) != 0) {
error("Saving key \"%s\" failed: %s.",
identity_file, ssh_err(r));
- explicit_bzero(passphrase1, strlen(passphrase1));
- free(passphrase1);
+ freezero(passphrase1, strlen(passphrase1));
sshkey_free(private);
free(comment);
exit(1);
}
/* Destroy the passphrase and the copy of the key in memory. */
- explicit_bzero(passphrase1, strlen(passphrase1));
- free(passphrase1);
+ freezero(passphrase1, strlen(passphrase1));
sshkey_free(private); /* Destroys contents */
free(comment);
@@ -1521,8 +1516,7 @@ do_change_comment(struct passwd *pw, const char *identity_comment)
/* Try to load using the passphrase. */
if ((r = sshkey_load_private(identity_file, passphrase,
&private, &comment)) != 0) {
- explicit_bzero(passphrase, strlen(passphrase));
- free(passphrase);
+ freezero(passphrase, strlen(passphrase));
fatal("Cannot load private key \"%s\": %s.",
identity_file, ssh_err(r));
}
@@ -1567,14 +1561,12 @@ do_change_comment(struct passwd *pw, const char *identity_comment)
rounds)) != 0) {
error("Saving key \"%s\" failed: %s",
identity_file, ssh_err(r));
- explicit_bzero(passphrase, strlen(passphrase));
- free(passphrase);
+ freezero(passphrase, strlen(passphrase));
sshkey_free(private);
free(comment);
exit(1);
}
- explicit_bzero(passphrase, strlen(passphrase));
- free(passphrase);
+ freezero(passphrase, strlen(passphrase));
if ((r = sshkey_from_private(private, &public)) != 0)
fatal("sshkey_from_private failed: %s", ssh_err(r));
sshkey_free(private);
diff --git a/usr.bin/ssh/ssh-xmss.c b/usr.bin/ssh/ssh-xmss.c
index d9dafd762a6..5aee5614387 100644
--- a/usr.bin/ssh/ssh-xmss.c
+++ b/usr.bin/ssh/ssh-xmss.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-xmss.c,v 1.1 2018/02/23 15:58:38 markus Exp $*/
+/* $OpenBSD: ssh-xmss.c,v 1.2 2020/02/26 13:40:09 jsg Exp $*/
/*
* Copyright (c) 2017 Stefan-Lukas Gazdag.
* Copyright (c) 2017 Markus Friedl.
@@ -100,10 +100,8 @@ ssh_xmss_sign(const struct sshkey *key, u_char **sigp, size_t *lenp,
r = ret;
}
sshbuf_free(b);
- if (sig != NULL) {
- explicit_bzero(sig, slen);
- free(sig);
- }
+ if (sig != NULL)
+ freezero(sig, slen);
return r;
}
@@ -174,14 +172,10 @@ ssh_xmss_verify(const struct sshkey *key,
/* success */
r = 0;
out:
- if (sm != NULL) {
- explicit_bzero(sm, smlen);
- free(sm);
- }
- if (m != NULL) {
- explicit_bzero(m, smlen); /* NB mlen may be invalid if r != 0 */
- free(m);
- }
+ if (sm != NULL)
+ freezero(sm, smlen);
+ if (m != NULL)
+ freezero(m, smlen);
sshbuf_free(b);
free(ktype);
return r;
diff --git a/usr.bin/ssh/sshbuf-misc.c b/usr.bin/ssh/sshbuf-misc.c
index af02fe69e3f..9ece8bc64a8 100644
--- a/usr.bin/ssh/sshbuf-misc.c
+++ b/usr.bin/ssh/sshbuf-misc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshbuf-misc.c,v 1.13 2020/01/25 23:28:06 djm Exp $ */
+/* $OpenBSD: sshbuf-misc.c,v 1.14 2020/02/26 13:40:09 jsg Exp $ */
/*
* Copyright (c) 2011 Damien Miller
*
@@ -152,17 +152,14 @@ sshbuf_b64tod(struct sshbuf *buf, const char *b64)
if ((p = malloc(plen)) == NULL)
return SSH_ERR_ALLOC_FAIL;
if ((nlen = b64_pton(b64, p, plen)) < 0) {
- explicit_bzero(p, plen);
- free(p);
+ freezero(p, plen);
return SSH_ERR_INVALID_FORMAT;
}
if ((r = sshbuf_put(buf, p, nlen)) < 0) {
- explicit_bzero(p, plen);
- free(p);
+ freezero(p, plen);
return r;
}
- explicit_bzero(p, plen);
- free(p);
+ freezero(p, plen);
return 0;
}
diff --git a/usr.bin/ssh/sshbuf.c b/usr.bin/ssh/sshbuf.c
index 1eaaf77854f..e8c4781cbdd 100644
--- a/usr.bin/ssh/sshbuf.c
+++ b/usr.bin/ssh/sshbuf.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshbuf.c,v 1.14 2020/01/23 07:10:22 dtucker Exp $ */
+/* $OpenBSD: sshbuf.c,v 1.15 2020/02/26 13:40:09 jsg Exp $ */
/*
* Copyright (c) 2011 Damien Miller
*
@@ -162,8 +162,7 @@ sshbuf_free(struct sshbuf *buf)
explicit_bzero(buf->d, buf->alloc);
free(buf->d);
}
- explicit_bzero(buf, sizeof(*buf));
- free(buf);
+ freezero(buf, sizeof(*buf));
}
void
diff --git a/usr.bin/ssh/sshkey.c b/usr.bin/ssh/sshkey.c
index 00dd205ea61..d2055bd27a0 100644
--- a/usr.bin/ssh/sshkey.c
+++ b/usr.bin/ssh/sshkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshkey.c,v 1.99 2020/01/21 05:56:56 djm Exp $ */
+/* $OpenBSD: sshkey.c,v 1.100 2020/02/26 13:40:09 jsg Exp $ */
/*
* Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
* Copyright (c) 2008 Alexander von Gernler. All rights reserved.
@@ -990,10 +990,8 @@ sshkey_fingerprint_raw(const struct sshkey *k, int dgst_alg,
r = 0;
out:
free(ret);
- if (blob != NULL) {
- explicit_bzero(blob, blob_len);
- free(blob);
- }
+ if (blob != NULL)
+ freezero(blob, blob_len);
return r;
}
@@ -1251,12 +1249,10 @@ sshkey_fingerprint(const struct sshkey *k, int dgst_alg,
dgst_raw, dgst_raw_len, k);
break;
default:
- explicit_bzero(dgst_raw, dgst_raw_len);
- free(dgst_raw);
+ freezero(dgst_raw, dgst_raw_len);
return NULL;
}
- explicit_bzero(dgst_raw, dgst_raw_len);
- free(dgst_raw);
+ freezero(dgst_raw, dgst_raw_len);
return retval;
}
@@ -3999,18 +3995,12 @@ sshkey_private_to_blob2(struct sshkey *prv, struct sshbuf *blob,
sshbuf_free(encrypted);
cipher_free(ciphercontext);
explicit_bzero(salt, sizeof(salt));
- if (key != NULL) {
- explicit_bzero(key, keylen + ivlen);
- free(key);
- }
- if (pubkeyblob != NULL) {
- explicit_bzero(pubkeyblob, pubkeylen);
- free(pubkeyblob);
- }
- if (b64 != NULL) {
- explicit_bzero(b64, strlen(b64));
- free(b64);
- }
+ if (key != NULL)
+ freezero(key, keylen + ivlen);
+ if (pubkeyblob != NULL)
+ freezero(pubkeyblob, pubkeylen);
+ if (b64 != NULL)
+ freezero(b64, strlen(b64));
return r;
}
@@ -4218,14 +4208,10 @@ sshkey_parse_private2(struct sshbuf *blob, int type, const char *passphrase,
free(ciphername);
free(kdfname);
free(comment);
- if (salt != NULL) {
- explicit_bzero(salt, slen);
- free(salt);
- }
- if (key != NULL) {
- explicit_bzero(key, keylen + ivlen);
- free(key);
- }
+ if (salt != NULL)
+ freezero(salt, slen);
+ if (key != NULL)
+ freezero(key, keylen + ivlen);
sshbuf_free(encoded);
sshbuf_free(decoded);
sshbuf_free(kdf);
diff --git a/usr.bin/ssh/umac.c b/usr.bin/ssh/umac.c
index 6f53eea76e0..c5a8d5ce2a3 100644
--- a/usr.bin/ssh/umac.c
+++ b/usr.bin/ssh/umac.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: umac.c,v 1.18 2019/11/13 04:47:52 deraadt Exp $ */
+/* $OpenBSD: umac.c,v 1.19 2020/02/26 13:40:09 jsg Exp $ */
/* -----------------------------------------------------------------------
*
* umac.c -- C Implementation UMAC Message Authentication
@@ -1201,8 +1201,7 @@ int umac_delete(struct umac_ctx *ctx)
if (ctx) {
if (ALLOC_BOUNDARY)
ctx = (struct umac_ctx *)ctx->free_ptr;
- explicit_bzero(ctx, sizeof(*ctx) + ALLOC_BOUNDARY);
- free(ctx);
+ freezero(ctx, sizeof(*ctx) + ALLOC_BOUNDARY);
}
return (1);
}