summaryrefslogtreecommitdiff
path: root/sshkey.c
diff options
context:
space:
mode:
authorjsg@openbsd.org <jsg@openbsd.org>2020-02-26 13:40:09 +0000
committerDamien Miller <djm@mindrot.org>2020-02-28 12:26:28 +1100
commitd5ba1c03278eb079438bb038266d80d7477d49cb (patch)
tree6d8dd2d802af796bcb7c9d6d018196a448bb9ff6 /sshkey.c
parent9e3220b585c5be19a7431ea4ff8884c137b3a81c (diff)
upstream: change explicit_bzero();free() to freezero()
While freezero() returns early if the pointer is NULL the tests for NULL in callers are left to avoid warnings about passing an uninitialised size argument across a function boundry. ok deraadt@ djm@ OpenBSD-Commit-ID: 2660fa334fcc7cd05ec74dd99cb036f9ade6384a
Diffstat (limited to 'sshkey.c')
-rw-r--r--sshkey.c44
1 files changed, 15 insertions, 29 deletions
diff --git a/sshkey.c b/sshkey.c
index 57995ee68..63e568a04 100644
--- a/sshkey.c
+++ b/sshkey.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: sshkey.c,v 1.99 2020/01/21 05:56:56 djm Exp $ */ 1/* $OpenBSD: sshkey.c,v 1.100 2020/02/26 13:40:09 jsg Exp $ */
2/* 2/*
3 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. 3 * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved.
4 * Copyright (c) 2008 Alexander von Gernler. All rights reserved. 4 * Copyright (c) 2008 Alexander von Gernler. All rights reserved.
@@ -1019,10 +1019,8 @@ sshkey_fingerprint_raw(const struct sshkey *k, int dgst_alg,
1019 r = 0; 1019 r = 0;
1020 out: 1020 out:
1021 free(ret); 1021 free(ret);
1022 if (blob != NULL) { 1022 if (blob != NULL)
1023 explicit_bzero(blob, blob_len); 1023 freezero(blob, blob_len);
1024 free(blob);
1025 }
1026 return r; 1024 return r;
1027} 1025}
1028 1026
@@ -1280,12 +1278,10 @@ sshkey_fingerprint(const struct sshkey *k, int dgst_alg,
1280 dgst_raw, dgst_raw_len, k); 1278 dgst_raw, dgst_raw_len, k);
1281 break; 1279 break;
1282 default: 1280 default:
1283 explicit_bzero(dgst_raw, dgst_raw_len); 1281 freezero(dgst_raw, dgst_raw_len);
1284 free(dgst_raw);
1285 return NULL; 1282 return NULL;
1286 } 1283 }
1287 explicit_bzero(dgst_raw, dgst_raw_len); 1284 freezero(dgst_raw, dgst_raw_len);
1288 free(dgst_raw);
1289 return retval; 1285 return retval;
1290} 1286}
1291 1287
@@ -4054,18 +4050,12 @@ sshkey_private_to_blob2(struct sshkey *prv, struct sshbuf *blob,
4054 sshbuf_free(encrypted); 4050 sshbuf_free(encrypted);
4055 cipher_free(ciphercontext); 4051 cipher_free(ciphercontext);
4056 explicit_bzero(salt, sizeof(salt)); 4052 explicit_bzero(salt, sizeof(salt));
4057 if (key != NULL) { 4053 if (key != NULL)
4058 explicit_bzero(key, keylen + ivlen); 4054 freezero(key, keylen + ivlen);
4059 free(key); 4055 if (pubkeyblob != NULL)
4060 } 4056 freezero(pubkeyblob, pubkeylen);
4061 if (pubkeyblob != NULL) { 4057 if (b64 != NULL)
4062 explicit_bzero(pubkeyblob, pubkeylen); 4058 freezero(b64, strlen(b64));
4063 free(pubkeyblob);
4064 }
4065 if (b64 != NULL) {
4066 explicit_bzero(b64, strlen(b64));
4067 free(b64);
4068 }
4069 return r; 4059 return r;
4070} 4060}
4071 4061
@@ -4273,14 +4263,10 @@ sshkey_parse_private2(struct sshbuf *blob, int type, const char *passphrase,
4273 free(ciphername); 4263 free(ciphername);
4274 free(kdfname); 4264 free(kdfname);
4275 free(comment); 4265 free(comment);
4276 if (salt != NULL) { 4266 if (salt != NULL)
4277 explicit_bzero(salt, slen); 4267 freezero(salt, slen);
4278 free(salt); 4268 if (key != NULL)
4279 } 4269 freezero(key, keylen + ivlen);
4280 if (key != NULL) {
4281 explicit_bzero(key, keylen + ivlen);
4282 free(key);
4283 }
4284 sshbuf_free(encoded); 4270 sshbuf_free(encoded);
4285 sshbuf_free(decoded); 4271 sshbuf_free(decoded);
4286 sshbuf_free(kdf); 4272 sshbuf_free(kdf);
generated by cgit v1.2.3 (git 2.39.1) at 2024-06-02 12:45:38 +0000