- djm@cvs.openbsd.org 2014/02/02 03:44:31

     [digest-libc.c digest-openssl.c]
     convert memset of potentially-private data to explicit_bzero()

3 files changed, 8 insertions, 5 deletions

diff --git a/ChangeLog b/ChangeLog
index 3e755cb9..bad531bf 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -57,6 +57,9 @@
      [ssh-ecdsa.c]
      fix memory leak; ECDSA_SIG_new() allocates 'r' and 's' for us, unlike
      DSA_SIG_new. Reported by Batz Spear; ok markus@
+   - djm@cvs.openbsd.org 2014/02/02 03:44:31
+     [digest-libc.c digest-openssl.c]
+     convert memset of potentially-private data to explicit_bzero()
 
 20140131
  - (djm) [sandbox-seccomp-filter.c sandbox-systrace.c] Allow shutdown(2)
diff --git a/digest-libc.c b/digest-libc.c
index e1fcda71..1804b069 100644
--- a/digest-libc.c
+++ b/digest-libc.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: digest-libc.c,v 1.1 2014/01/28 20:13:46 markus Exp $ */
+/* $OpenBSD: digest-libc.c,v 1.2 2014/02/02 03:44:31 djm Exp $ */
 /*
  * Copyright (c) 2013 Damien Miller <djm@mindrot.org>
  * Copyright (c) 2014 Markus Friedl.  All rights reserved.
@@ -209,9 +209,9 @@ ssh_digest_free(struct ssh_digest_ctx *ctx)
 	if (ctx != NULL) {
 		digest = ssh_digest_by_alg(ctx->alg);
 		if (digest) {
-			memset(ctx->mdctx, 0, digest->ctx_len);
+			explicit_bzero(ctx->mdctx, digest->ctx_len);
 			free(ctx->mdctx);
-			memset(ctx, 0, sizeof(*ctx));
+			explicit_bzero(ctx, sizeof(*ctx));
 			free(ctx);
 		}
 	}
diff --git a/digest-openssl.c b/digest-openssl.c
index 8d7a58f3..863d37d0 100644
--- a/digest-openssl.c
+++ b/digest-openssl.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: digest-openssl.c,v 1.1 2014/01/28 20:13:46 markus Exp $ */
+/* $OpenBSD: digest-openssl.c,v 1.2 2014/02/02 03:44:31 djm Exp $ */
 /*
  * Copyright (c) 2013 Damien Miller <djm@mindrot.org>
  *
@@ -140,7 +140,7 @@ ssh_digest_free(struct ssh_digest_ctx *ctx)
 {
 	if (ctx != NULL) {
 		EVP_MD_CTX_cleanup(&ctx->mdctx);
-		memset(ctx, 0, sizeof(*ctx));
+		explicit_bzero(ctx, sizeof(*ctx));
 		free(ctx);
 	}
 }