author | jsg@openbsd.org <jsg@openbsd.org> | 2020-02-26 13:40:09 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2020-02-28 12:26:28 +1100 |
commit | d5ba1c03278eb079438bb038266d80d7477d49cb (patch) | |
tree | 6d8dd2d802af796bcb7c9d6d018196a448bb9ff6 /ssh-keygen.c | |
parent | 9e3220b585c5be19a7431ea4ff8884c137b3a81c (diff) |
upstream: change explicit_bzero();free() to freezero()
While freezero() returns early if the pointer is NULL, the tests for
NULL in callers are left to avoid warnings about passing an
uninitialised size argument across a function boundary.
ok deraadt@ djm@
OpenBSD-Commit-ID: 2660fa334fcc7cd05ec74dd99cb036f9ade6384a
Diffstat (limited to 'ssh-keygen.c')
-rw-r--r-- | ssh-keygen.c | 26 |
1 files changed, 9 insertions, 17 deletions
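--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keygen.c,v 1.398 2020/02/07 03:27:54 djm Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.399 2020/02/26 13:40:09 jsg Exp $ */
 /*
 * Author: Tatu Ylonen <ylo@cs.hut.fi>
 * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -327,8 +327,7 @@ load_identity(const char *filename, char **commentp)
 else
 pass = read_passphrase("Enter passphrase: ", RP_ALLOW_STDIN);
 r = sshkey_load_private(filename, pass, &prv, commentp);
-explicit_bzero(pass, strlen(pass));
-free(pass);
+freezero(pass, strlen(pass));
 if (r != 0)
 fatal("Load key \"%s\": %s", filename, ssh_err(r));
 return prv;
@@ -1424,8 +1423,7 @@ do_change_passphrase(struct passwd *pw)
 RP_ALLOW_STDIN);
 r = sshkey_load_private(identity_file, old_passphrase,
 &private, &comment);
-explicit_bzero(old_passphrase, strlen(old_passphrase));
-free(old_passphrase);
+freezero(old_passphrase, strlen(old_passphrase));
 if (r != 0)
 goto badkey;
 } else if (r != 0) {
@@ -1456,8 +1454,7 @@ do_change_passphrase(struct passwd *pw)
 exit(1);
 }
 /* Destroy the other copy. */
-explicit_bzero(passphrase2, strlen(passphrase2));
-free(passphrase2);
+freezero(passphrase2, strlen(passphrase2));
 }
 
 /* Save the file using the new passphrase. */
@@ -1465,15 +1462,13 @@ do_change_passphrase(struct passwd *pw)
 comment, private_key_format, openssh_format_cipher, rounds)) != 0) {
 error("Saving key \"%s\" failed: %s.",
 identity_file, ssh_err(r));
-explicit_bzero(passphrase1, strlen(passphrase1));
-free(passphrase1);
+freezero(passphrase1, strlen(passphrase1));
 sshkey_free(private);
 free(comment);
 exit(1);
 }
 /* Destroy the passphrase and the copy of the key in memory. */
-explicit_bzero(passphrase1, strlen(passphrase1));
-free(passphrase1);
+freezero(passphrase1, strlen(passphrase1));
 sshkey_free(private); /* Destroys contents */
 free(comment);
 
@@ -1543,8 +1538,7 @@ do_change_comment(struct passwd *pw, const char *identity_comment)
 /* Try to load using the passphrase. */
 if ((r = sshkey_load_private(identity_file, passphrase,
 &private, &comment)) != 0) {
-explicit_bzero(passphrase, strlen(passphrase));
-free(passphrase);
+freezero(passphrase, strlen(passphrase));
 fatal("Cannot load private key \"%s\": %s.",
 identity_file, ssh_err(r));
 }
@@ -1589,14 +1583,12 @@ do_change_comment(struct passwd *pw, const char *identity_comment)
 rounds)) != 0) {
 error("Saving key \"%s\" failed: %s",
 identity_file, ssh_err(r));
-explicit_bzero(passphrase, strlen(passphrase));
-free(passphrase);
+freezero(passphrase, strlen(passphrase));
 sshkey_free(private);
 free(comment);
 exit(1);
 }
-explicit_bzero(passphrase, strlen(passphrase));
-free(passphrase);
+freezero(passphrase, strlen(passphrase));
 if ((r = sshkey_from_private(private, &public)) != 0)
 fatal("sshkey_from_private failed: %s", ssh_err(r));
 sshkey_free(private);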
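Review bot: The early return for NULL that the description mentions does not protect the size argument. In `freezero(pass, strlen(pass));` (load_identity, new line 330) strlen() runs before freezero() is entered, so a NULL passphrase pointer would fault there instead of being ignored. The same form recurs at every converted site in do_change_passphrase and do_change_comment. Each of these functions starts and ends outside its hunk, so whether the pointer can be NULL at these points cannot be confirmed from the visible lines. If it cannot, that invariant deserves a short comment at the first site, for example `/* pass is non-NULL here; strlen() is evaluated before freezero()'s NULL check */`. It is also worth noting in the description that the wipe covers strlen() bytes, not the full allocation, which is unchanged from the explicit_bzero() calls it replaces.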