From 458abc2934e82034c5c281336d8dc0f910aecad3 Mon Sep 17 00:00:00 2001 From: "jsg@openbsd.org" Date: Sat, 23 Jan 2016 05:31:35 +0000 Subject: [PATCH] upstream commit Zero a stack buffer with explicit_bzero() instead of memset() when returning from client_loop() for consistency with buffer_free()/sshbuf_free(). ok dtucker@ deraadt@ djm@ Upstream-ID: bc9975b2095339811c3b954694d7d15ea5c58f66 --- clientloop.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/clientloop.c b/clientloop.c index d324e297b..0c77b046c 100644 --- a/clientloop.c +++ b/clientloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: clientloop.c,v 1.280 2016/01/14 16:17:39 markus Exp $ */ +/* $OpenBSD: clientloop.c,v 1.281 2016/01/23 05:31:35 jsg Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -1787,7 +1787,7 @@ client_loop(int have_pty, int escape_char_arg, int ssh2_chan_id) } /* Clear and free any buffers. */ - memset(buf, 0, sizeof(buf)); + explicit_bzero(buf, sizeof(buf)); buffer_free(&stdin_buffer); buffer_free(&stdout_buffer); buffer_free(&stderr_buffer);