- djm@cvs.openbsd.org 2014/02/02 03:44:32

[auth1.c auth2-chall.c auth2-passwd.c authfile.c bufaux.c bufbn.c] [buffer.c cipher-3des1.c cipher.c clientloop.c gss-serv.c kex.c] [kexdhc.c kexdhs.c kexecdhc.c kexgexc.c kexecdhs.c kexgexs.c key.c] [monitor.c monitor_wrap.c packet.c readpass.c rsa.c serverloop.c] [ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c] [ssh-keygen.c ssh-rsa.c sshconnect.c sshconnect1.c sshconnect2.c] [sshd.c] convert memset of potentially-private data to explicit_bzero()
author: Damien Miller <djm@mindrot.org> 2014-02-04 11:20:14 +1100
committer: Damien Miller <djm@mindrot.org> 2014-02-04 11:20:14 +1100
commit: a5103f413bde6f31bff85d6e1fd29799c647d765 (patch)
tree: 0b35ad9292b2ca8d58229435865d0ec3818e5981 /ssh-add.c
parent: 1d2c4564265ee827147af246a16f3777741411ed (diff)
1 files changed, 4 insertions, 4 deletions
diff --git a/ssh-add.c b/ssh-add.c
index 63ce72083..3421452af 100644
--- a/ssh-add.c
+++ b/ssh-add.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-add.c,v 1.108 2013/12/19 00:10:30 djm Exp $ */
+/* $OpenBSD: ssh-add.c,v 1.109 2014/02/02 03:44:31 djm Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -90,7 +90,7 @@ static void
 clear_pass(void)
 {
        if (pass) {
-                memset(pass, 0, strlen(pass));
+                explicit_bzero(pass, strlen(pass));
                free(pass);
                pass = NULL;
        }
@@ -366,7 +366,7 @@ lock_agent(AuthenticationConnection *ac, int lock)
                        fprintf(stderr, "Passwords do not match.\n");
                        passok = 0;
                }
-                memset(p2, 0, strlen(p2));
+                explicit_bzero(p2, strlen(p2));
                free(p2);
        }
        if (passok && ssh_lock_agent(ac, lock, p1)) {
@@ -374,7 +374,7 @@ lock_agent(AuthenticationConnection *ac, int lock)
                ret = 0;
        } else
                fprintf(stderr, "Failed to %slock agent.\n", lock ? "" : "un");
-        memset(p1, 0, strlen(p1));
+        explicit_bzero(p1, strlen(p1));
        free(p1);
        return (ret);
 }
author	Damien Miller <djm@mindrot.org>	2014-02-04 11:20:14 +1100
committer	Damien Miller <djm@mindrot.org>	2014-02-04 11:20:14 +1100
commit	a5103f413bde6f31bff85d6e1fd29799c647d765 (patch)
tree	0b35ad9292b2ca8d58229435865d0ec3818e5981 /ssh-add.c
parent	1d2c4564265ee827147af246a16f3777741411ed (diff)

diff --git a/ssh-add.c b/ssh-add.c index 63ce72083..3421452af 100644 --- a/ssh-add.c +++ b/ssh-add.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: ssh-add.c,v 1.108 2013/12/19 00:10:30 djm Exp $ */	1	/* $OpenBSD: ssh-add.c,v 1.109 2014/02/02 03:44:31 djm Exp $ */
2	/*	2	/*
3	* Author: Tatu Ylonen <ylo@cs.hut.fi>	3	* Author: Tatu Ylonen <ylo@cs.hut.fi>
4	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland	4	* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -90,7 +90,7 @@ static void
90	clear_pass(void)	90	clear_pass(void)
91	{	91	{
92	if (pass) {	92	if (pass) {
93	memset(pass, 0, strlen(pass));	93	explicit_bzero(pass, strlen(pass));
94	free(pass);	94	free(pass);
95	pass = NULL;	95	pass = NULL;
96	}	96	}
@@ -366,7 +366,7 @@ lock_agent(AuthenticationConnection *ac, int lock)
366	fprintf(stderr, "Passwords do not match.\n");	366	fprintf(stderr, "Passwords do not match.\n");
367	passok = 0;	367	passok = 0;
368	}	368	}
369	memset(p2, 0, strlen(p2));	369	explicit_bzero(p2, strlen(p2));
370	free(p2);	370	free(p2);
371	}	371	}
372	if (passok && ssh_lock_agent(ac, lock, p1)) {	372	if (passok && ssh_lock_agent(ac, lock, p1)) {
@@ -374,7 +374,7 @@ lock_agent(AuthenticationConnection *ac, int lock)
374	ret = 0;	374	ret = 0;
375	} else	375	} else
376	fprintf(stderr, "Failed to %slock agent.\n", lock ? "" : "un");	376	fprintf(stderr, "Failed to %slock agent.\n", lock ? "" : "un");
377	memset(p1, 0, strlen(p1));	377	explicit_bzero(p1, strlen(p1));
378	free(p1);	378	free(p1);
379	return (ret);	379	return (ret);
380	}	380	}