diff options
author | Damien Miller <djm@mindrot.org> | 2014-02-04 11:25:45 +1100 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2014-02-04 11:25:45 +1100 |
commit | db3c595ea74ea9ccd5aa644d7e1f8dc675710731 (patch) | |
tree | dd9d8db7429fc311131c4dd965296dc672bef269 | |
parent | aae07e2e2000dd318418fd7fd4597760904cae32 (diff) |
- djm@cvs.openbsd.org 2014/02/02 03:44:31
[digest-libc.c digest-openssl.c]
convert memset of potentially-private data to explicit_bzero()
-rw-r--r-- | ChangeLog | 3 | ||||
-rw-r--r-- | digest-libc.c | 6 | ||||
-rw-r--r-- | digest-openssl.c | 4 |
3 files changed, 8 insertions, 5 deletions
@@ -57,6 +57,9 @@ [ssh-ecdsa.c] fix memory leak; ECDSA_SIG_new() allocates 'r' and 's' for us, unlike DSA_SIG_new. Reported by Batz Spear; ok markus@ + - djm@cvs.openbsd.org 2014/02/02 03:44:31 + [digest-libc.c digest-openssl.c] + convert memset of potentially-private data to explicit_bzero() 20140131 - (djm) [sandbox-seccomp-filter.c sandbox-systrace.c] Allow shutdown(2) diff --git a/digest-libc.c b/digest-libc.c index e1fcda71..1804b069 100644 --- a/digest-libc.c +++ b/digest-libc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: digest-libc.c,v 1.1 2014/01/28 20:13:46 markus Exp $ */ +/* $OpenBSD: digest-libc.c,v 1.2 2014/02/02 03:44:31 djm Exp $ */ /* * Copyright (c) 2013 Damien Miller <djm@mindrot.org> * Copyright (c) 2014 Markus Friedl. All rights reserved. @@ -209,9 +209,9 @@ ssh_digest_free(struct ssh_digest_ctx *ctx) if (ctx != NULL) { digest = ssh_digest_by_alg(ctx->alg); if (digest) { - memset(ctx->mdctx, 0, digest->ctx_len); + explicit_bzero(ctx->mdctx, digest->ctx_len); free(ctx->mdctx); - memset(ctx, 0, sizeof(*ctx)); + explicit_bzero(ctx, sizeof(*ctx)); free(ctx); } } diff --git a/digest-openssl.c b/digest-openssl.c index 8d7a58f3..863d37d0 100644 --- a/digest-openssl.c +++ b/digest-openssl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: digest-openssl.c,v 1.1 2014/01/28 20:13:46 markus Exp $ */ +/* $OpenBSD: digest-openssl.c,v 1.2 2014/02/02 03:44:31 djm Exp $ */ /* * Copyright (c) 2013 Damien Miller <djm@mindrot.org> * @@ -140,7 +140,7 @@ ssh_digest_free(struct ssh_digest_ctx *ctx) { if (ctx != NULL) { EVP_MD_CTX_cleanup(&ctx->mdctx); - memset(ctx, 0, sizeof(*ctx)); + explicit_bzero(ctx, sizeof(*ctx)); free(ctx); } } |