From a5103f413bde6f31bff85d6e1fd29799c647d765 Mon Sep 17 00:00:00 2001
From: Damien Miller <djm@mindrot.org>
Date: Tue, 4 Feb 2014 11:20:14 +1100
Subject:    - djm@cvs.openbsd.org 2014/02/02 03:44:32      [auth1.c
 auth2-chall.c auth2-passwd.c authfile.c bufaux.c bufbn.c]      [buffer.c
 cipher-3des1.c cipher.c clientloop.c gss-serv.c kex.c]      [kexdhc.c
 kexdhs.c kexecdhc.c kexgexc.c kexecdhs.c kexgexs.c key.c]      [monitor.c
 monitor_wrap.c packet.c readpass.c rsa.c serverloop.c]      [ssh-add.c
 ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c]      [ssh-keygen.c ssh-rsa.c
 sshconnect.c sshconnect1.c sshconnect2.c]      [sshd.c]      convert memset
 of potentially-private data to explicit_bzero()

---
 bufaux.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

(limited to 'bufaux.c')

diff --git a/bufaux.c b/bufaux.c
index f1f14b33..e24b5fc0 100644
--- a/bufaux.c
+++ b/bufaux.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: bufaux.c,v 1.55 2014/01/31 16:39:19 tedu Exp $ */
+/* $OpenBSD: bufaux.c,v 1.56 2014/02/02 03:44:31 djm Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -346,7 +346,7 @@ buffer_get_bignum2_as_string_ret(Buffer *buffer, u_int *length_ptr)
 	}
 	ret = xmalloc(len);
 	memcpy(ret, p, len);
-	memset(p, '\0', len);
+	explicit_bzero(p, len);
 	free(bin);
 	return ret;
 }
@@ -383,7 +383,7 @@ buffer_put_bignum2_from_string(Buffer *buffer, const u_char *s, u_int l)
 	}
 	memcpy(p, s, l);
 	buffer_put_string(buffer, buf, l + pad);
-	memset(buf, '\0', l + pad);
+	explicit_bzero(buf, l + pad);
 	free(buf);
 }
 
-- 
cgit v1.2.3