upstream: change explicit_bzero();free() to freezero()

While freezero() returns early if the pointer is NULL the tests for
NULL in callers are left to avoid warnings about passing an
uninitialised size argument across a function boundry.

ok deraadt@ djm@

OpenBSD-Commit-ID: 2660fa334fcc7cd05ec74dd99cb036f9ade6384a

1 files changed, 7 insertions, 13 deletions

diff --git a/ssh-ed25519.c b/ssh-ed25519.c
index 5163e0297..7dee82707 100644
--- a/ssh-ed25519.c
+++ b/ssh-ed25519.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-ed25519.c,v 1.7 2016/04/21 06:08:02 djm Exp $ */
+/* $OpenBSD: ssh-ed25519.c,v 1.8 2020/02/26 13:40:09 jsg Exp $ */
 /*
  * Copyright (c) 2013 Markus Friedl <markus@openbsd.org>
  *
@@ -83,10 +83,8 @@ ssh_ed25519_sign(const struct sshkey *key, u_char **sigp, size_t *lenp,
         r = 0;
  out:
         sshbuf_free(b);
-        if (sig != NULL) {
-                explicit_bzero(sig, slen);
-                free(sig);
-        }
+        if (sig != NULL) 
+                freezero(sig, slen);
 
         return r;
 }
@@ -153,14 +151,10 @@ ssh_ed25519_verify(const struct sshkey *key,
         /* success */
         r = 0;
  out:
-        if (sm != NULL) {
-                explicit_bzero(sm, smlen);
-                free(sm);
-        }
-        if (m != NULL) {
-                explicit_bzero(m, smlen); /* NB mlen may be invalid if r != 0 */
-                free(m);
-        }
+        if (sm != NULL) 
+                freezero(sm, smlen);
+        if (m != NULL) 
+                freezero(m, smlen); /* NB mlen may be invalid if r != 0 */
         sshbuf_free(b);
         free(ktype);
         return r;