2 files changed, 10 insertions, 10 deletions
diff --git a/sshbuf-getput-crypto.c b/sshbuf-getput-crypto.c
index e2e093c00..d0d791b50 100644
--- a/sshbuf-getput-crypto.c
+++ b/sshbuf-getput-crypto.c
@@ -1,4 +1,4 @@
-/*      $OpenBSD: sshbuf-getput-crypto.c,v 1.4 2015/01/14 15:02:39 djm Exp $    */
+/*      $OpenBSD: sshbuf-getput-crypto.c,v 1.5 2016/01/12 23:42:54 djm Exp $    */
 /*
 * Copyright (c) 2011 Damien Miller
 *
@@ -158,10 +158,10 @@ sshbuf_put_bignum2(struct sshbuf *buf, const BIGNUM *v)
        if (len > 0 && (d[1] & 0x80) != 0)
                prepend = 1;
        if ((r = sshbuf_put_string(buf, d + 1 - prepend, len + prepend)) < 0) {
-                bzero(d, sizeof(d));
+                explicit_bzero(d, sizeof(d));
                return r;
        }
-        bzero(d, sizeof(d));
+        explicit_bzero(d, sizeof(d));
        return 0;
 }
@@ -177,13 +177,13 @@ sshbuf_put_bignum1(struct sshbuf *buf, const BIGNUM *v)
        if (BN_bn2bin(v, d) != (int)len_bytes)
                return SSH_ERR_INTERNAL_ERROR; /* Shouldn't happen */
        if ((r = sshbuf_reserve(buf, len_bytes + 2, &dp)) < 0) {
-                bzero(d, sizeof(d));
+                explicit_bzero(d, sizeof(d));
                return r;
        }
        POKE_U16(dp, len_bits);
        if (len_bytes != 0)
                memcpy(dp + 2, d, len_bytes);
-        bzero(d, sizeof(d));
+        explicit_bzero(d, sizeof(d));
        return 0;
 }
@@ -210,7 +210,7 @@ sshbuf_put_ec(struct sshbuf *buf, const EC_POINT *v, const EC_GROUP *g)
        }
        BN_CTX_free(bn_ctx);
        ret = sshbuf_put_string(buf, d, len);
-        bzero(d, len);
+        explicit_bzero(d, len);
        return ret;
 }
diff --git a/sshbuf.c b/sshbuf.c
index dbe0c9192..9915e9af4 100644
--- a/sshbuf.c
+++ b/sshbuf.c
@@ -134,7 +134,7 @@ sshbuf_fromb(struct sshbuf *buf)
 void
 sshbuf_init(struct sshbuf *ret)
 {
-        bzero(ret, sizeof(*ret));
+        explicit_bzero(ret, sizeof(*ret));
        ret->alloc = SSHBUF_SIZE_INIT;
        ret->max_size = SSHBUF_SIZE_MAX;
        ret->readonly = 0;
@@ -180,7 +180,7 @@ sshbuf_free(struct sshbuf *buf)
                bzero(buf->d, buf->alloc);
                free(buf->d);
        }
-        bzero(buf, sizeof(*buf));
+        explicit_bzero(buf, sizeof(*buf));
        if (!dont_free)
                free(buf);
 }
@@ -196,7 +196,7 @@ sshbuf_reset(struct sshbuf *buf)
                return;
        }
        if (sshbuf_check_sanity(buf) == 0)
-                bzero(buf->d, buf->alloc);
+                explicit_bzero(buf->d, buf->alloc);
        buf->off = buf->size = 0;
        if (buf->alloc != SSHBUF_SIZE_INIT) {
                if ((d = realloc(buf->d, SSHBUF_SIZE_INIT)) != NULL) {
@@ -255,7 +255,7 @@ sshbuf_set_max_size(struct sshbuf *buf, size_t max_size)
                        rlen = roundup(buf->size, SSHBUF_SIZE_INC);
                if (rlen > max_size)
                        rlen = max_size;
-                bzero(buf->d + buf->size, buf->alloc - buf->size);
+                explicit_bzero(buf->d + buf->size, buf->alloc - buf->size);
                SSHBUF_DBG(("new alloc = %zu", rlen));
                if ((dp = realloc(buf->d, rlen)) == NULL)
                        return SSH_ERR_ALLOC_FAIL;

diff --git a/sshbuf-getput-crypto.c b/sshbuf-getput-crypto.c index e2e093c00..d0d791b50 100644 --- a/sshbuf-getput-crypto.c +++ b/sshbuf-getput-crypto.c
@@ -1,4 +1,4 @@
1	/* $OpenBSD: sshbuf-getput-crypto.c,v 1.4 2015/01/14 15:02:39 djm Exp $ */	1	/* $OpenBSD: sshbuf-getput-crypto.c,v 1.5 2016/01/12 23:42:54 djm Exp $ */
2	/*	2	/*
3	* Copyright (c) 2011 Damien Miller	3	* Copyright (c) 2011 Damien Miller
4	*	4	*
@@ -158,10 +158,10 @@ sshbuf_put_bignum2(struct sshbuf buf, const BIGNUM v)
158	if (len > 0 && (d[1] & 0x80) != 0)	158	if (len > 0 && (d[1] & 0x80) != 0)
159	prepend = 1;	159	prepend = 1;
160	if ((r = sshbuf_put_string(buf, d + 1 - prepend, len + prepend)) < 0) {	160	if ((r = sshbuf_put_string(buf, d + 1 - prepend, len + prepend)) < 0) {
161	bzero(d, sizeof(d));	161	explicit_bzero(d, sizeof(d));
162	return r;	162	return r;
163	}	163	}
164	bzero(d, sizeof(d));	164	explicit_bzero(d, sizeof(d));
165	return 0;	165	return 0;
166	}	166	}
167		167
@@ -177,13 +177,13 @@ sshbuf_put_bignum1(struct sshbuf buf, const BIGNUM v)
177	if (BN_bn2bin(v, d) != (int)len_bytes)	177	if (BN_bn2bin(v, d) != (int)len_bytes)
178	return SSH_ERR_INTERNAL_ERROR; /* Shouldn't happen */	178	return SSH_ERR_INTERNAL_ERROR; /* Shouldn't happen */
179	if ((r = sshbuf_reserve(buf, len_bytes + 2, &dp)) < 0) {	179	if ((r = sshbuf_reserve(buf, len_bytes + 2, &dp)) < 0) {
180	bzero(d, sizeof(d));	180	explicit_bzero(d, sizeof(d));
181	return r;	181	return r;
182	}	182	}
183	POKE_U16(dp, len_bits);	183	POKE_U16(dp, len_bits);
184	if (len_bytes != 0)	184	if (len_bytes != 0)
185	memcpy(dp + 2, d, len_bytes);	185	memcpy(dp + 2, d, len_bytes);
186	bzero(d, sizeof(d));	186	explicit_bzero(d, sizeof(d));
187	return 0;	187	return 0;
188	}	188	}
189		189
@@ -210,7 +210,7 @@ sshbuf_put_ec(struct sshbuf buf, const EC_POINT v, const EC_GROUP *g)
210	}	210	}
211	BN_CTX_free(bn_ctx);	211	BN_CTX_free(bn_ctx);
212	ret = sshbuf_put_string(buf, d, len);	212	ret = sshbuf_put_string(buf, d, len);
213	bzero(d, len);	213	explicit_bzero(d, len);
214	return ret;	214	return ret;
215	}	215	}
216		216


diff --git a/sshbuf.c b/sshbuf.c index dbe0c9192..9915e9af4 100644 --- a/sshbuf.c +++ b/sshbuf.c
@@ -134,7 +134,7 @@ sshbuf_fromb(struct sshbuf *buf)
134	void	134	void
135	sshbuf_init(struct sshbuf *ret)	135	sshbuf_init(struct sshbuf *ret)
136	{	136	{
137	bzero(ret, sizeof(*ret));	137	explicit_bzero(ret, sizeof(*ret));
138	ret->alloc = SSHBUF_SIZE_INIT;	138	ret->alloc = SSHBUF_SIZE_INIT;
139	ret->max_size = SSHBUF_SIZE_MAX;	139	ret->max_size = SSHBUF_SIZE_MAX;
140	ret->readonly = 0;	140	ret->readonly = 0;
@@ -180,7 +180,7 @@ sshbuf_free(struct sshbuf *buf)
180	bzero(buf->d, buf->alloc);	180	bzero(buf->d, buf->alloc);
181	free(buf->d);	181	free(buf->d);
182	}	182	}
183	bzero(buf, sizeof(*buf));	183	explicit_bzero(buf, sizeof(*buf));
184	if (!dont_free)	184	if (!dont_free)
185	free(buf);	185	free(buf);
186	}	186	}
@@ -196,7 +196,7 @@ sshbuf_reset(struct sshbuf *buf)
196	return;	196	return;
197	}	197	}
198	if (sshbuf_check_sanity(buf) == 0)	198	if (sshbuf_check_sanity(buf) == 0)
199	bzero(buf->d, buf->alloc);	199	explicit_bzero(buf->d, buf->alloc);
200	buf->off = buf->size = 0;	200	buf->off = buf->size = 0;
201	if (buf->alloc != SSHBUF_SIZE_INIT) {	201	if (buf->alloc != SSHBUF_SIZE_INIT) {
202	if ((d = realloc(buf->d, SSHBUF_SIZE_INIT)) != NULL) {	202	if ((d = realloc(buf->d, SSHBUF_SIZE_INIT)) != NULL) {
@@ -255,7 +255,7 @@ sshbuf_set_max_size(struct sshbuf *buf, size_t max_size)
255	rlen = roundup(buf->size, SSHBUF_SIZE_INC);	255	rlen = roundup(buf->size, SSHBUF_SIZE_INC);
256	if (rlen > max_size)	256	if (rlen > max_size)
257	rlen = max_size;	257	rlen = max_size;
258	bzero(buf->d + buf->size, buf->alloc - buf->size);	258	explicit_bzero(buf->d + buf->size, buf->alloc - buf->size);
259	SSHBUF_DBG(("new alloc = %zu", rlen));	259	SSHBUF_DBG(("new alloc = %zu", rlen));
260	if ((dp = realloc(buf->d, rlen)) == NULL)	260	if ((dp = realloc(buf->d, rlen)) == NULL)
261	return SSH_ERR_ALLOC_FAIL;	261	return SSH_ERR_ALLOC_FAIL;