diff options
author | Theo de Raadt <deraadt@cvs.openbsd.org> | 2017-05-21 02:37:53 +0000 |
---|---|---|
committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 2017-05-21 02:37:53 +0000 |
commit | 40b0d1f2da153cff245bfa34926de917fd56bb3c (patch) | |
tree | 4e5e53bccbc2d2a7c99968bf49657dc918308676 /usr.sbin | |
parent | bd56236b6e44b7c3ea47e18dd13f955a8ab7fe8b (diff) |
A few more freezero() uses
ok yasuoka mikeb
Diffstat (limited to 'usr.sbin')
-rw-r--r-- | usr.sbin/ikectl/ikeca.c | 6 | ||||
-rw-r--r-- | usr.sbin/radiusd/radiusd.c | 6 | ||||
-rw-r--r-- | usr.sbin/sasyncd/monitor.c | 33 |
3 files changed, 12 insertions, 33 deletions
diff --git a/usr.sbin/ikectl/ikeca.c b/usr.sbin/ikectl/ikeca.c index cee6623a30f..a6756825209 100644 --- a/usr.sbin/ikectl/ikeca.c +++ b/usr.sbin/ikectl/ikeca.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ikeca.c,v 1.42 2017/03/29 08:19:13 sthen Exp $ */ +/* $OpenBSD: ikeca.c,v 1.43 2017/05/21 02:37:52 deraadt Exp $ */ /* * Copyright (c) 2010 Jonathan Gray <jsg@openbsd.org> @@ -924,9 +924,7 @@ ca_revoke(struct ca *ca, char *keyname) pass, ca->sslpath, ca->sslpath); system(cmd); - explicit_bzero(pass, len); - free(pass); - + freezero(pass, len); return (0); } diff --git a/usr.sbin/radiusd/radiusd.c b/usr.sbin/radiusd/radiusd.c index 98e3b23ccd8..05b11b9377c 100644 --- a/usr.sbin/radiusd/radiusd.c +++ b/usr.sbin/radiusd/radiusd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: radiusd.c,v 1.18 2016/04/16 18:32:29 krw Exp $ */ +/* $OpenBSD: radiusd.c,v 1.19 2017/05/21 02:37:52 deraadt Exp $ */ /* * Copyright (c) 2013 Internet Initiative Japan Inc. @@ -1063,9 +1063,7 @@ radiusd_module_stop(struct radiusd_module *module) { module->stopped = true; - if (module->secret != NULL) - explicit_bzero(module->secret, strlen(module->secret)); - free(module->secret); + freezero(module->secret, strlen(module->secret)); module->secret = NULL; if (module->fd >= 0) { diff --git a/usr.sbin/sasyncd/monitor.c b/usr.sbin/sasyncd/monitor.c index 6d5b439b7fd..60b11e33360 100644 --- a/usr.sbin/sasyncd/monitor.c +++ b/usr.sbin/sasyncd/monitor.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor.c,v 1.21 2015/10/18 02:39:04 mmcc Exp $ */ +/* $OpenBSD: monitor.c,v 1.22 2017/05/21 02:37:52 deraadt Exp $ */ /* * Copyright (c) 2005 Håkan Olsson. All rights reserved. @@ -285,18 +285,14 @@ monitor_get_pfkey_snap(u_int8_t **sadb, u_int32_t *sadbsize, u_int8_t **spd, } rbytes = m_read(m_state.s, *sadb, *sadbsize); if (rbytes < 1) { - explicit_bzero(*sadb, *sadbsize); - free(*sadb); + freezero(*sadb, *sadbsize); return -1; } } /* Read SPD data */ if (m_read(m_state.s, spdsize, sizeof *spdsize) < 1) { - if (*sadbsize) { - explicit_bzero(*sadb, *sadbsize); - free(*sadb); - } + freezero(*sadb, *sadbsize); return -1; } if (*spdsize) { @@ -304,20 +300,13 @@ monitor_get_pfkey_snap(u_int8_t **sadb, u_int32_t *sadbsize, u_int8_t **spd, if (!*spd) { log_err("monitor_get_pfkey_snap: malloc()"); monitor_drain_input(); - if (*sadbsize) { - explicit_bzero(*sadb, *sadbsize); - free(*sadb); - } + freezero(*sadb, *sadbsize); return -1; } rbytes = m_read(m_state.s, *spd, *spdsize); if (rbytes < 1) { - explicit_bzero(*spd, *spdsize); - free(*spd); - if (*sadbsize) { - explicit_bzero(*sadb, *sadbsize); - free(*sadb); - } + freezero(*spd, *spdsize); + freezero(*sadb, *sadbsize); return -1; } } @@ -441,14 +430,8 @@ m_priv_pfkey_snap(int s) } cleanup: - if (sadb_buf) { - explicit_bzero(sadb_buf, sadb_buflen); - free(sadb_buf); - } - if (spd_buf) { - explicit_bzero(spd_buf, spd_buflen); - free(spd_buf); - } + freezero(sadb_buf, sadb_buflen); + freezero(spd_buf, spd_buflen); } static int |