[openssh-commits] [openssh] 01/01: upstream commit

Wed Jan 13 10:48:18 AEDT 2016

This is an automated email from the git hooks/post-receive script.

djm pushed a commit to branch master
in repository openssh.

commit 9a728cc918fad67c8a9a71201088b1e150340ba4
Author: djm at openbsd.org <djm at openbsd.org>
Date:   Tue Jan 12 23:42:54 2016 +0000

    upstream commit
    
    use explicit_bzero() more liberally in the buffer code; ok
     deraadt
    
    Upstream-ID: 0ece37069fd66bc6e4f55eb1321f93df372b65bf
---
 sshbuf-getput-crypto.c | 12 ++++++------
 sshbuf.c               | 10 +++++-----
 2 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/sshbuf-getput-crypto.c b/sshbuf-getput-crypto.c
index e2e093c..d0d791b 100644
--- a/sshbuf-getput-crypto.c
+++ b/sshbuf-getput-crypto.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: sshbuf-getput-crypto.c,v 1.4 2015/01/14 15:02:39 djm Exp $	*/
+/*	$OpenBSD: sshbuf-getput-crypto.c,v 1.5 2016/01/12 23:42:54 djm Exp $	*/
 /*
  * Copyright (c) 2011 Damien Miller
  *
@@ -158,10 +158,10 @@ sshbuf_put_bignum2(struct sshbuf *buf, const BIGNUM *v)
 	if (len > 0 && (d[1] & 0x80) != 0)
 		prepend = 1;
 	if ((r = sshbuf_put_string(buf, d + 1 - prepend, len + prepend)) < 0) {
-		bzero(d, sizeof(d));
+		explicit_bzero(d, sizeof(d));
 		return r;
 	}
-	bzero(d, sizeof(d));
+	explicit_bzero(d, sizeof(d));
 	return 0;
 }
 
@@ -177,13 +177,13 @@ sshbuf_put_bignum1(struct sshbuf *buf, const BIGNUM *v)
 	if (BN_bn2bin(v, d) != (int)len_bytes)
 		return SSH_ERR_INTERNAL_ERROR; /* Shouldn't happen */
 	if ((r = sshbuf_reserve(buf, len_bytes + 2, &dp)) < 0) {
-		bzero(d, sizeof(d));
+		explicit_bzero(d, sizeof(d));
 		return r;
 	}
 	POKE_U16(dp, len_bits);
 	if (len_bytes != 0)
 		memcpy(dp + 2, d, len_bytes);
-	bzero(d, sizeof(d));
+	explicit_bzero(d, sizeof(d));
 	return 0;
 }
 
@@ -210,7 +210,7 @@ sshbuf_put_ec(struct sshbuf *buf, const EC_POINT *v, const EC_GROUP *g)
 	}
 	BN_CTX_free(bn_ctx);
 	ret = sshbuf_put_string(buf, d, len);
-	bzero(d, len);
+	explicit_bzero(d, len);
 	return ret;
 }
 
diff --git a/sshbuf.c b/sshbuf.c
index f52b567..4d6e0ea 100644
--- a/sshbuf.c
+++ b/sshbuf.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: sshbuf.c,v 1.5 2015/12/11 04:21:12 mmcc Exp $	*/
+/*	$OpenBSD: sshbuf.c,v 1.6 2016/01/12 23:42:54 djm Exp $	*/
 /*
  * Copyright (c) 2011 Damien Miller
  *
@@ -134,7 +134,7 @@ sshbuf_fromb(struct sshbuf *buf)
 void
 sshbuf_init(struct sshbuf *ret)
 {
-	bzero(ret, sizeof(*ret));
+	explicit_bzero(ret, sizeof(*ret));
 	ret->alloc = SSHBUF_SIZE_INIT;
 	ret->max_size = SSHBUF_SIZE_MAX;
 	ret->readonly = 0;
@@ -178,7 +178,7 @@ sshbuf_free(struct sshbuf *buf)
 		explicit_bzero(buf->d, buf->alloc);
 		free(buf->d);
 	}
-	bzero(buf, sizeof(*buf));
+	explicit_bzero(buf, sizeof(*buf));
 	if (!dont_free)
 		free(buf);
 }
@@ -194,7 +194,7 @@ sshbuf_reset(struct sshbuf *buf)
 		return;
 	}
 	if (sshbuf_check_sanity(buf) == 0)
-		bzero(buf->d, buf->alloc);
+		explicit_bzero(buf->d, buf->alloc);
 	buf->off = buf->size = 0;
 	if (buf->alloc != SSHBUF_SIZE_INIT) {
 		if ((d = realloc(buf->d, SSHBUF_SIZE_INIT)) != NULL) {
@@ -253,7 +253,7 @@ sshbuf_set_max_size(struct sshbuf *buf, size_t max_size)
 			rlen = roundup(buf->size, SSHBUF_SIZE_INC);
 		if (rlen > max_size)
 			rlen = max_size;
-		bzero(buf->d + buf->size, buf->alloc - buf->size);
+		explicit_bzero(buf->d + buf->size, buf->alloc - buf->size);
 		SSHBUF_DBG(("new alloc = %zu", rlen));
 		if ((dp = realloc(buf->d, rlen)) == NULL)
 			return SSH_ERR_ALLOC_FAIL;

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.
