- djm@cvs.openbsd.org 2014/02/02 03:44:32

[auth1.c auth2-chall.c auth2-passwd.c authfile.c bufaux.c bufbn.c] [buffer.c cipher-3des1.c cipher.c clientloop.c gss-serv.c kex.c] [kexdhc.c kexdhs.c kexecdhc.c kexgexc.c kexecdhs.c kexgexs.c key.c] [monitor.c monitor_wrap.c packet.c readpass.c rsa.c serverloop.c] [ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c] [ssh-keygen.c ssh-rsa.c sshconnect.c sshconnect1.c sshconnect2.c] [sshd.c] convert memset of potentially-private data to explicit_bzero()
author: Damien Miller <djm@mindrot.org> 2014-02-04 11:20:14 +1100
committer: Damien Miller <djm@mindrot.org> 2014-02-04 11:20:14 +1100
commit: a5103f413bde6f31bff85d6e1fd29799c647d765 (patch)
tree: 0b35ad9292b2ca8d58229435865d0ec3818e5981 /monitor_wrap.c
parent: 1d2c4564265ee827147af246a16f3777741411ed (diff)
1 files changed, 3 insertions, 3 deletions
diff --git a/monitor_wrap.c b/monitor_wrap.c
index 64c262363..1a47e4174 100644
--- a/monitor_wrap.c
+++ b/monitor_wrap.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: monitor_wrap.c,v 1.78 2014/01/29 06:18:35 djm Exp $ */
+/* $OpenBSD: monitor_wrap.c,v 1.79 2014/02/02 03:44:31 djm Exp $ */
 /*
 * Copyright 2002 Niels Provos <provos@citi.umich.edu>
 * Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -572,7 +572,7 @@ mm_newkeys_to_blob(int mode, u_char **blobp, u_int *lenp)
                *blobp = xmalloc(len);
                memcpy(*blobp, buffer_ptr(&b), len);
        }
-        memset(buffer_ptr(&b), 0, len);
+        explicit_bzero(buffer_ptr(&b), len);
        buffer_free(&b);
        return len;
 }
@@ -616,7 +616,7 @@ mm_send_keystate(struct monitor *monitor)
                key = xmalloc(keylen+1);        /* add 1 if keylen == 0 */
                keylen = packet_get_encryption_key(key);
                buffer_put_string(&m, key, keylen);
-                memset(key, 0, keylen);
+                explicit_bzero(key, keylen);
                free(key);
                ivlen = packet_get_keyiv_len(MODE_OUT);
author	Damien Miller <djm@mindrot.org>	2014-02-04 11:20:14 +1100
committer	Damien Miller <djm@mindrot.org>	2014-02-04 11:20:14 +1100
commit	a5103f413bde6f31bff85d6e1fd29799c647d765 (patch)
tree	0b35ad9292b2ca8d58229435865d0ec3818e5981 /monitor_wrap.c
parent	1d2c4564265ee827147af246a16f3777741411ed (diff)

diff --git a/monitor_wrap.c b/monitor_wrap.c index 64c262363..1a47e4174 100644 --- a/monitor_wrap.c +++ b/monitor_wrap.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: monitor_wrap.c,v 1.78 2014/01/29 06:18:35 djm Exp $ */	1	/* $OpenBSD: monitor_wrap.c,v 1.79 2014/02/02 03:44:31 djm Exp $ */
2	/*	2	/*
3	* Copyright 2002 Niels Provos <provos@citi.umich.edu>	3	* Copyright 2002 Niels Provos <provos@citi.umich.edu>
4	* Copyright 2002 Markus Friedl <markus@openbsd.org>	4	* Copyright 2002 Markus Friedl <markus@openbsd.org>
@@ -572,7 +572,7 @@ mm_newkeys_to_blob(int mode, u_char *blobp, u_int lenp)
572	*blobp = xmalloc(len);	572	*blobp = xmalloc(len);
573	memcpy(*blobp, buffer_ptr(&b), len);	573	memcpy(*blobp, buffer_ptr(&b), len);
574	}	574	}
575	memset(buffer_ptr(&b), 0, len);	575	explicit_bzero(buffer_ptr(&b), len);
576	buffer_free(&b);	576	buffer_free(&b);
577	return len;	577	return len;
578	}	578	}
@@ -616,7 +616,7 @@ mm_send_keystate(struct monitor *monitor)
616	key = xmalloc(keylen+1); /* add 1 if keylen == 0 */	616	key = xmalloc(keylen+1); /* add 1 if keylen == 0 */
617	keylen = packet_get_encryption_key(key);	617	keylen = packet_get_encryption_key(key);
618	buffer_put_string(&m, key, keylen);	618	buffer_put_string(&m, key, keylen);
619	memset(key, 0, keylen);	619	explicit_bzero(key, keylen);
620	free(key);	620	free(key);
621		621
622	ivlen = packet_get_keyiv_len(MODE_OUT);	622	ivlen = packet_get_keyiv_len(MODE_OUT);