From a5103f413bde6f31bff85d6e1fd29799c647d765 Mon Sep 17 00:00:00 2001
From: Damien Miller <djm@mindrot.org>
Date: Tue, 4 Feb 2014 11:20:14 +1100
Subject:    - djm@cvs.openbsd.org 2014/02/02 03:44:32      [auth1.c
 auth2-chall.c auth2-passwd.c authfile.c bufaux.c bufbn.c]      [buffer.c
 cipher-3des1.c cipher.c clientloop.c gss-serv.c kex.c]      [kexdhc.c
 kexdhs.c kexecdhc.c kexgexc.c kexecdhs.c kexgexs.c key.c]      [monitor.c
 monitor_wrap.c packet.c readpass.c rsa.c serverloop.c]      [ssh-add.c
 ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c]      [ssh-keygen.c ssh-rsa.c
 sshconnect.c sshconnect1.c sshconnect2.c]      [sshd.c]      convert memset
 of potentially-private data to explicit_bzero()

---
 readpass.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'readpass.c')

diff --git a/readpass.c b/readpass.c
index e37d31158..869d86425 100644
--- a/readpass.c
+++ b/readpass.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: readpass.c,v 1.49 2013/05/17 00:13:14 djm Exp $ */
+/* $OpenBSD: readpass.c,v 1.50 2014/02/02 03:44:31 djm Exp $ */
 /*
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
  *
@@ -99,13 +99,13 @@ ssh_askpass(char *askpass, const char *msg)
 			break;
 	signal(SIGCHLD, osigchld);
 	if (ret == -1 || !WIFEXITED(status) || WEXITSTATUS(status) != 0) {
-		memset(buf, 0, sizeof(buf));
+		explicit_bzero(buf, sizeof(buf));
 		return NULL;
 	}
 
 	buf[strcspn(buf, "\r\n")] = '\0';
 	pass = xstrdup(buf);
-	memset(buf, 0, sizeof(buf));
+	explicit_bzero(buf, sizeof(buf));
 	return pass;
 }
 
@@ -162,7 +162,7 @@ read_passphrase(const char *prompt, int flags)
 	}
 
 	ret = xstrdup(buf);
-	memset(buf, 'x', sizeof buf);
+	explicit_bzero(buf, sizeof(buf));
 	return ret;
 }
 
-- 
cgit v1.2.3