From d5ba1c03278eb079438bb038266d80d7477d49cb Mon Sep 17 00:00:00 2001 From: "jsg@openbsd.org" Date: Wed, 26 Feb 2020 13:40:09 +0000 Subject: [PATCH] upstream: change explicit_bzero();free() to freezero() While freezero() returns early if the pointer is NULL the tests for NULL in callers are left to avoid warnings about passing an uninitialised size argument across a function boundry. ok deraadt@ djm@ OpenBSD-Commit-ID: 2660fa334fcc7cd05ec74dd99cb036f9ade6384a --- auth-options.c | 5 ++--- auth2-chall.c | 5 ++--- auth2-passwd.c | 5 ++--- authfd.c | 8 +++----- channels.c | 11 ++++------- cipher.c | 8 +++----- clientloop.c | 5 ++--- digest-libc.c | 5 ++--- hmac.c | 5 ++--- hostfile.c | 5 ++--- kex.c | 5 ++--- monitor.c | 5 ++--- ssh-add.c | 11 ++++------- ssh-agent.c | 5 ++--- ssh-dss.c | 8 +++----- ssh-ed25519-sk.c | 8 +++----- ssh-ed25519.c | 20 +++++++------------- ssh-keygen.c | 26 +++++++++----------------- ssh-xmss.c | 20 +++++++------------- sshbuf-misc.c | 11 ++++------- sshbuf.c | 5 ++--- sshkey.c | 44 +++++++++++++++----------------------------- umac.c | 5 ++--- 23 files changed, 86 insertions(+), 149 deletions(-) diff --git a/auth-options.c b/auth-options.c index 2d200944c..b63782de7 100644 --- a/auth-options.c +++ b/auth-options.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth-options.c,v 1.90 2019/11/25 00:54:23 djm Exp $ */ +/* $OpenBSD: auth-options.c,v 1.91 2020/02/26 13:40:09 jsg Exp $ */ /* * Copyright (c) 2018 Damien Miller * @@ -222,8 +222,7 @@ sshauthopt_free(struct sshauthopt *opts) free(opts->permitlisten[i]); free(opts->permitlisten); - explicit_bzero(opts, sizeof(*opts)); - free(opts); + freezero(opts, sizeof(*opts)); } struct sshauthopt * diff --git a/auth2-chall.c b/auth2-chall.c index c57387b71..3acd0a837 100644 --- a/auth2-chall.c +++ b/auth2-chall.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-chall.c,v 1.52 2019/11/13 04:47:52 deraadt Exp $ */ +/* $OpenBSD: auth2-chall.c,v 1.53 2020/02/26 13:40:09 jsg Exp $ */ /* * Copyright (c) 2001 Markus Friedl. All rights reserved. * Copyright (c) 2001 Per Allansson. All rights reserved. @@ -147,8 +147,7 @@ kbdint_free(KbdintAuthctxt *kbdintctxt) if (kbdintctxt->device) kbdint_reset_device(kbdintctxt); free(kbdintctxt->devices); - explicit_bzero(kbdintctxt, sizeof(*kbdintctxt)); - free(kbdintctxt); + freezero(kbdintctxt, sizeof(*kbdintctxt)); } /* get next device */ static int diff --git a/auth2-passwd.c b/auth2-passwd.c index 6601e8664..bb5f8192d 100644 --- a/auth2-passwd.c +++ b/auth2-passwd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-passwd.c,v 1.17 2019/09/06 04:53:27 djm Exp $ */ +/* $OpenBSD: auth2-passwd.c,v 1.18 2020/02/26 13:40:09 jsg Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -66,8 +66,7 @@ userauth_passwd(struct ssh *ssh) logit("password change not supported"); else if (PRIVSEP(auth_password(ssh, password)) == 1) authenticated = 1; - explicit_bzero(password, len); - free(password); + freezero(password, len); return authenticated; } diff --git a/authfd.c b/authfd.c index 05fd45401..9831a1290 100644 --- a/authfd.c +++ b/authfd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: authfd.c,v 1.121 2019/12/21 02:19:13 djm Exp $ */ +/* $OpenBSD: authfd.c,v 1.122 2020/02/26 13:40:09 jsg Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -561,10 +561,8 @@ ssh_remove_identity(int sock, struct sshkey *key) goto out; r = decode_reply(type); out: - if (blob != NULL) { - explicit_bzero(blob, blen); - free(blob); - } + if (blob != NULL) + freezero(blob, blen); sshbuf_free(msg); return r; } diff --git a/channels.c b/channels.c index 226ba7a39..19c22c4ef 100644 --- a/channels.c +++ b/channels.c @@ -1,4 +1,4 @@ -/* $OpenBSD: channels.c,v 1.395 2020/01/25 06:40:20 djm Exp $ */ +/* $OpenBSD: channels.c,v 1.396 2020/02/26 13:40:09 jsg Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -625,14 +625,12 @@ channel_free(struct ssh *ssh, Channel *c) if (cc->abandon_cb != NULL) cc->abandon_cb(ssh, c, cc->ctx); TAILQ_REMOVE(&c->status_confirms, cc, entry); - explicit_bzero(cc, sizeof(*cc)); - free(cc); + freezero(cc, sizeof(*cc)); } if (c->filter_cleanup != NULL && c->filter_ctx != NULL) c->filter_cleanup(ssh, c->self, c->filter_ctx); sc->channels[c->self] = NULL; - explicit_bzero(c, sizeof(*c)); - free(c); + freezero(c, sizeof(*c)); } void @@ -3295,8 +3293,7 @@ channel_input_status_confirm(int type, u_int32_t seq, struct ssh *ssh) return 0; cc->cb(ssh, type, c, cc->ctx); TAILQ_REMOVE(&c->status_confirms, cc, entry); - explicit_bzero(cc, sizeof(*cc)); - free(cc); + freezero(cc, sizeof(*cc)); return 0; } diff --git a/cipher.c b/cipher.c index 820bc6ace..54d325ee2 100644 --- a/cipher.c +++ b/cipher.c @@ -1,4 +1,4 @@ -/* $OpenBSD: cipher.c,v 1.114 2020/01/23 10:24:29 dtucker Exp $ */ +/* $OpenBSD: cipher.c,v 1.115 2020/02/26 13:40:09 jsg Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -328,8 +328,7 @@ cipher_init(struct sshcipher_ctx **ccp, const struct sshcipher *cipher, #ifdef WITH_OPENSSL EVP_CIPHER_CTX_free(cc->evp); #endif /* WITH_OPENSSL */ - explicit_bzero(cc, sizeof(*cc)); - free(cc); + freezero(cc, sizeof(*cc)); } } return ret; @@ -434,8 +433,7 @@ cipher_free(struct sshcipher_ctx *cc) EVP_CIPHER_CTX_free(cc->evp); cc->evp = NULL; #endif - explicit_bzero(cc, sizeof(*cc)); - free(cc); + freezero(cc, sizeof(*cc)); } /* diff --git a/clientloop.c b/clientloop.c index 05fc92861..5bfccdd35 100644 --- a/clientloop.c +++ b/clientloop.c @@ -1,4 +1,4 @@ -/* $OpenBSD: clientloop.c,v 1.341 2020/02/26 01:31:47 dtucker Exp $ */ +/* $OpenBSD: clientloop.c,v 1.342 2020/02/26 13:40:09 jsg Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -473,8 +473,7 @@ client_global_request_reply(int type, u_int32_t seq, struct ssh *ssh) gc->cb(ssh, type, seq, gc->ctx); if (--gc->ref_count <= 0) { TAILQ_REMOVE(&global_confirms, gc, entry); - explicit_bzero(gc, sizeof(*gc)); - free(gc); + freezero(gc, sizeof(*gc)); } ssh_packet_set_alive_timeouts(ssh, 0); diff --git a/digest-libc.c b/digest-libc.c index 12737e5d5..86a1dbf29 100644 --- a/digest-libc.c +++ b/digest-libc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: digest-libc.c,v 1.6 2017/05/08 22:57:38 djm Exp $ */ +/* $OpenBSD: digest-libc.c,v 1.7 2020/02/26 13:40:09 jsg Exp $ */ /* * Copyright (c) 2013 Damien Miller * Copyright (c) 2014 Markus Friedl. All rights reserved. @@ -230,8 +230,7 @@ ssh_digest_free(struct ssh_digest_ctx *ctx) if (digest) { explicit_bzero(ctx->mdctx, digest->ctx_len); free(ctx->mdctx); - explicit_bzero(ctx, sizeof(*ctx)); - free(ctx); + freezero(ctx, sizeof(*ctx)); } } } diff --git a/hmac.c b/hmac.c index 32688876d..7b588019e 100644 --- a/hmac.c +++ b/hmac.c @@ -1,4 +1,4 @@ -/* $OpenBSD: hmac.c,v 1.13 2019/09/06 04:53:27 djm Exp $ */ +/* $OpenBSD: hmac.c,v 1.14 2020/02/26 13:40:09 jsg Exp $ */ /* * Copyright (c) 2014 Markus Friedl. All rights reserved. * @@ -131,8 +131,7 @@ ssh_hmac_free(struct ssh_hmac_ctx *ctx) explicit_bzero(ctx->buf, ctx->buf_len); free(ctx->buf); } - explicit_bzero(ctx, sizeof(*ctx)); - free(ctx); + freezero(ctx, sizeof(*ctx)); } } diff --git a/hostfile.c b/hostfile.c index 4a0349a60..7af47adf3 100644 --- a/hostfile.c +++ b/hostfile.c @@ -1,4 +1,4 @@ -/* $OpenBSD: hostfile.c,v 1.77 2020/01/25 00:21:08 djm Exp $ */ +/* $OpenBSD: hostfile.c,v 1.78 2020/02/26 13:40:09 jsg Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -298,8 +298,7 @@ free_hostkeys(struct hostkeys *hostkeys) explicit_bzero(hostkeys->entries + i, sizeof(*hostkeys->entries)); } free(hostkeys->entries); - explicit_bzero(hostkeys, sizeof(*hostkeys)); - free(hostkeys); + freezero(hostkeys, sizeof(*hostkeys)); } static int diff --git a/kex.c b/kex.c index ce85f0439..899036e6e 100644 --- a/kex.c +++ b/kex.c @@ -1,4 +1,4 @@ -/* $OpenBSD: kex.c,v 1.156 2020/01/23 10:24:29 dtucker Exp $ */ +/* $OpenBSD: kex.c,v 1.157 2020/02/26 13:40:09 jsg Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * @@ -670,8 +670,7 @@ kex_free_newkeys(struct newkeys *newkeys) } free(newkeys->mac.name); explicit_bzero(&newkeys->mac, sizeof(newkeys->mac)); - explicit_bzero(newkeys, sizeof(*newkeys)); - free(newkeys); + freezero(newkeys, sizeof(*newkeys)); } void diff --git a/monitor.c b/monitor.c index 2ce89fe90..9a67d937b 100644 --- a/monitor.c +++ b/monitor.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor.c,v 1.208 2020/02/06 22:30:54 naddy Exp $ */ +/* $OpenBSD: monitor.c,v 1.209 2020/02/26 13:40:09 jsg Exp $ */ /* * Copyright 2002 Niels Provos * Copyright 2002 Markus Friedl @@ -893,8 +893,7 @@ mm_answer_authpassword(struct ssh *ssh, int sock, struct sshbuf *m) /* Only authenticate if the context is valid */ authenticated = options.password_authentication && auth_password(ssh, passwd); - explicit_bzero(passwd, plen); - free(passwd); + freezero(passwd, plen); sshbuf_reset(m); if ((r = sshbuf_put_u32(m, authenticated)) != 0) diff --git a/ssh-add.c b/ssh-add.c index 18f4e12dd..c7bb02cb0 100644 --- a/ssh-add.c +++ b/ssh-add.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-add.c,v 1.153 2020/02/18 08:58:33 dtucker Exp $ */ +/* $OpenBSD: ssh-add.c,v 1.154 2020/02/26 13:40:09 jsg Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -105,8 +105,7 @@ static void clear_pass(void) { if (pass) { - explicit_bzero(pass, strlen(pass)); - free(pass); + freezero(pass, strlen(pass)); pass = NULL; } } @@ -521,8 +520,7 @@ lock_agent(int agent_fd, int lock) fprintf(stderr, "Passwords do not match.\n"); passok = 0; } - explicit_bzero(p2, strlen(p2)); - free(p2); + freezero(p2, strlen(p2)); } if (passok) { if ((r = ssh_lock_agent(agent_fd, lock, p1)) == 0) { @@ -533,8 +531,7 @@ lock_agent(int agent_fd, int lock) lock ? "" : "un", ssh_err(r)); } } - explicit_bzero(p1, strlen(p1)); - free(p1); + freezero(p1, strlen(p1)); return (ret); } diff --git a/ssh-agent.c b/ssh-agent.c index 7eb6f0dc5..9e8366a7c 100644 --- a/ssh-agent.c +++ b/ssh-agent.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-agent.c,v 1.255 2020/02/06 22:30:54 naddy Exp $ */ +/* $OpenBSD: ssh-agent.c,v 1.256 2020/02/26 13:40:09 jsg Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -620,8 +620,7 @@ process_lock_agent(SocketEntry *e, int lock) fatal("bcrypt_pbkdf"); success = 1; } - explicit_bzero(passwd, pwlen); - free(passwd); + freezero(passwd, pwlen); send_status(e, success); } diff --git a/ssh-dss.c b/ssh-dss.c index a23c383dc..fddc29cc9 100644 --- a/ssh-dss.c +++ b/ssh-dss.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-dss.c,v 1.37 2018/02/07 02:06:51 jsing Exp $ */ +/* $OpenBSD: ssh-dss.c,v 1.39 2020/02/26 13:40:09 jsg Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -200,10 +200,8 @@ ssh_dss_verify(const struct sshkey *key, BN_clear_free(sig_s); sshbuf_free(b); free(ktype); - if (sigblob != NULL) { - explicit_bzero(sigblob, len); - free(sigblob); - } + if (sigblob != NULL) + freezero(sigblob, len); return ret; } #endif /* WITH_OPENSSL */ diff --git a/ssh-ed25519-sk.c b/ssh-ed25519-sk.c index b6f28c09a..f784776d4 100644 --- a/ssh-ed25519-sk.c +++ b/ssh-ed25519-sk.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-ed25519-sk.c,v 1.4 2019/11/26 03:04:27 djm Exp $ */ +/* $OpenBSD: ssh-ed25519-sk.c,v 1.5 2020/02/26 13:40:09 jsg Exp $ */ /* * Copyright (c) 2019 Markus Friedl. All rights reserved. * @@ -154,10 +154,8 @@ ssh_ed25519_sk_verify(const struct sshkey *key, details = NULL; } out: - if (m != NULL) { - explicit_bzero(m, smlen); /* NB mlen may be invalid if r != 0 */ - free(m); - } + if (m != NULL) + freezero(m, smlen); /* NB mlen may be invalid if r != 0 */ sshkey_sig_details_free(details); sshbuf_free(b); sshbuf_free(encoded); diff --git a/ssh-ed25519.c b/ssh-ed25519.c index 5163e0297..7dee82707 100644 --- a/ssh-ed25519.c +++ b/ssh-ed25519.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-ed25519.c,v 1.7 2016/04/21 06:08:02 djm Exp $ */ +/* $OpenBSD: ssh-ed25519.c,v 1.8 2020/02/26 13:40:09 jsg Exp $ */ /* * Copyright (c) 2013 Markus Friedl * @@ -83,10 +83,8 @@ ssh_ed25519_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, r = 0; out: sshbuf_free(b); - if (sig != NULL) { - explicit_bzero(sig, slen); - free(sig); - } + if (sig != NULL) + freezero(sig, slen); return r; } @@ -153,14 +151,10 @@ ssh_ed25519_verify(const struct sshkey *key, /* success */ r = 0; out: - if (sm != NULL) { - explicit_bzero(sm, smlen); - free(sm); - } - if (m != NULL) { - explicit_bzero(m, smlen); /* NB mlen may be invalid if r != 0 */ - free(m); - } + if (sm != NULL) + freezero(sm, smlen); + if (m != NULL) + freezero(m, smlen); /* NB mlen may be invalid if r != 0 */ sshbuf_free(b); free(ktype); return r; diff --git a/ssh-keygen.c b/ssh-keygen.c index 0d6ed1fff..d9c207b42 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keygen.c,v 1.398 2020/02/07 03:27:54 djm Exp $ */ +/* $OpenBSD: ssh-keygen.c,v 1.399 2020/02/26 13:40:09 jsg Exp $ */ /* * Author: Tatu Ylonen * Copyright (c) 1994 Tatu Ylonen , Espoo, Finland @@ -327,8 +327,7 @@ load_identity(const char *filename, char **commentp) else pass = read_passphrase("Enter passphrase: ", RP_ALLOW_STDIN); r = sshkey_load_private(filename, pass, &prv, commentp); - explicit_bzero(pass, strlen(pass)); - free(pass); + freezero(pass, strlen(pass)); if (r != 0) fatal("Load key \"%s\": %s", filename, ssh_err(r)); return prv; @@ -1424,8 +1423,7 @@ do_change_passphrase(struct passwd *pw) RP_ALLOW_STDIN); r = sshkey_load_private(identity_file, old_passphrase, &private, &comment); - explicit_bzero(old_passphrase, strlen(old_passphrase)); - free(old_passphrase); + freezero(old_passphrase, strlen(old_passphrase)); if (r != 0) goto badkey; } else if (r != 0) { @@ -1456,8 +1454,7 @@ do_change_passphrase(struct passwd *pw) exit(1); } /* Destroy the other copy. */ - explicit_bzero(passphrase2, strlen(passphrase2)); - free(passphrase2); + freezero(passphrase2, strlen(passphrase2)); } /* Save the file using the new passphrase. */ @@ -1465,15 +1462,13 @@ do_change_passphrase(struct passwd *pw) comment, private_key_format, openssh_format_cipher, rounds)) != 0) { error("Saving key \"%s\" failed: %s.", identity_file, ssh_err(r)); - explicit_bzero(passphrase1, strlen(passphrase1)); - free(passphrase1); + freezero(passphrase1, strlen(passphrase1)); sshkey_free(private); free(comment); exit(1); } /* Destroy the passphrase and the copy of the key in memory. */ - explicit_bzero(passphrase1, strlen(passphrase1)); - free(passphrase1); + freezero(passphrase1, strlen(passphrase1)); sshkey_free(private); /* Destroys contents */ free(comment); @@ -1543,8 +1538,7 @@ do_change_comment(struct passwd *pw, const char *identity_comment) /* Try to load using the passphrase. */ if ((r = sshkey_load_private(identity_file, passphrase, &private, &comment)) != 0) { - explicit_bzero(passphrase, strlen(passphrase)); - free(passphrase); + freezero(passphrase, strlen(passphrase)); fatal("Cannot load private key \"%s\": %s.", identity_file, ssh_err(r)); } @@ -1589,14 +1583,12 @@ do_change_comment(struct passwd *pw, const char *identity_comment) rounds)) != 0) { error("Saving key \"%s\" failed: %s", identity_file, ssh_err(r)); - explicit_bzero(passphrase, strlen(passphrase)); - free(passphrase); + freezero(passphrase, strlen(passphrase)); sshkey_free(private); free(comment); exit(1); } - explicit_bzero(passphrase, strlen(passphrase)); - free(passphrase); + freezero(passphrase, strlen(passphrase)); if ((r = sshkey_from_private(private, &public)) != 0) fatal("sshkey_from_private failed: %s", ssh_err(r)); sshkey_free(private); diff --git a/ssh-xmss.c b/ssh-xmss.c index 4c734fd7d..ccd4c7600 100644 --- a/ssh-xmss.c +++ b/ssh-xmss.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-xmss.c,v 1.1 2018/02/23 15:58:38 markus Exp $*/ +/* $OpenBSD: ssh-xmss.c,v 1.2 2020/02/26 13:40:09 jsg Exp $*/ /* * Copyright (c) 2017 Stefan-Lukas Gazdag. * Copyright (c) 2017 Markus Friedl. @@ -103,10 +103,8 @@ ssh_xmss_sign(const struct sshkey *key, u_char **sigp, size_t *lenp, r = ret; } sshbuf_free(b); - if (sig != NULL) { - explicit_bzero(sig, slen); - free(sig); - } + if (sig != NULL) + freezero(sig, slen); return r; } @@ -177,14 +175,10 @@ ssh_xmss_verify(const struct sshkey *key, /* success */ r = 0; out: - if (sm != NULL) { - explicit_bzero(sm, smlen); - free(sm); - } - if (m != NULL) { - explicit_bzero(m, smlen); /* NB mlen may be invalid if r != 0 */ - free(m); - } + if (sm != NULL) + freezero(sm, smlen); + if (m != NULL) + freezero(m, smlen); sshbuf_free(b); free(ktype); return r; diff --git a/sshbuf-misc.c b/sshbuf-misc.c index c0336e867..9b5aa208c 100644 --- a/sshbuf-misc.c +++ b/sshbuf-misc.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshbuf-misc.c,v 1.13 2020/01/25 23:28:06 djm Exp $ */ +/* $OpenBSD: sshbuf-misc.c,v 1.14 2020/02/26 13:40:09 jsg Exp $ */ /* * Copyright (c) 2011 Damien Miller * @@ -156,17 +156,14 @@ sshbuf_b64tod(struct sshbuf *buf, const char *b64) if ((p = malloc(plen)) == NULL) return SSH_ERR_ALLOC_FAIL; if ((nlen = b64_pton(b64, p, plen)) < 0) { - explicit_bzero(p, plen); - free(p); + freezero(p, plen); return SSH_ERR_INVALID_FORMAT; } if ((r = sshbuf_put(buf, p, nlen)) < 0) { - explicit_bzero(p, plen); - free(p); + freezero(p, plen); return r; } - explicit_bzero(p, plen); - free(p); + freezero(p, plen); return 0; } diff --git a/sshbuf.c b/sshbuf.c index f4f7a220f..368ba7980 100644 --- a/sshbuf.c +++ b/sshbuf.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshbuf.c,v 1.14 2020/01/23 07:10:22 dtucker Exp $ */ +/* $OpenBSD: sshbuf.c,v 1.15 2020/02/26 13:40:09 jsg Exp $ */ /* * Copyright (c) 2011 Damien Miller * @@ -164,8 +164,7 @@ sshbuf_free(struct sshbuf *buf) explicit_bzero(buf->d, buf->alloc); free(buf->d); } - explicit_bzero(buf, sizeof(*buf)); - free(buf); + freezero(buf, sizeof(*buf)); } void diff --git a/sshkey.c b/sshkey.c index 57995ee68..63e568a04 100644 --- a/sshkey.c +++ b/sshkey.c @@ -1,4 +1,4 @@ -/* $OpenBSD: sshkey.c,v 1.99 2020/01/21 05:56:56 djm Exp $ */ +/* $OpenBSD: sshkey.c,v 1.100 2020/02/26 13:40:09 jsg Exp $ */ /* * Copyright (c) 2000, 2001 Markus Friedl. All rights reserved. * Copyright (c) 2008 Alexander von Gernler. All rights reserved. @@ -1019,10 +1019,8 @@ sshkey_fingerprint_raw(const struct sshkey *k, int dgst_alg, r = 0; out: free(ret); - if (blob != NULL) { - explicit_bzero(blob, blob_len); - free(blob); - } + if (blob != NULL) + freezero(blob, blob_len); return r; } @@ -1280,12 +1278,10 @@ sshkey_fingerprint(const struct sshkey *k, int dgst_alg, dgst_raw, dgst_raw_len, k); break; default: - explicit_bzero(dgst_raw, dgst_raw_len); - free(dgst_raw); + freezero(dgst_raw, dgst_raw_len); return NULL; } - explicit_bzero(dgst_raw, dgst_raw_len); - free(dgst_raw); + freezero(dgst_raw, dgst_raw_len); return retval; } @@ -4054,18 +4050,12 @@ sshkey_private_to_blob2(struct sshkey *prv, struct sshbuf *blob, sshbuf_free(encrypted); cipher_free(ciphercontext); explicit_bzero(salt, sizeof(salt)); - if (key != NULL) { - explicit_bzero(key, keylen + ivlen); - free(key); - } - if (pubkeyblob != NULL) { - explicit_bzero(pubkeyblob, pubkeylen); - free(pubkeyblob); - } - if (b64 != NULL) { - explicit_bzero(b64, strlen(b64)); - free(b64); - } + if (key != NULL) + freezero(key, keylen + ivlen); + if (pubkeyblob != NULL) + freezero(pubkeyblob, pubkeylen); + if (b64 != NULL) + freezero(b64, strlen(b64)); return r; } @@ -4273,14 +4263,10 @@ sshkey_parse_private2(struct sshbuf *blob, int type, const char *passphrase, free(ciphername); free(kdfname); free(comment); - if (salt != NULL) { - explicit_bzero(salt, slen); - free(salt); - } - if (key != NULL) { - explicit_bzero(key, keylen + ivlen); - free(key); - } + if (salt != NULL) + freezero(salt, slen); + if (key != NULL) + freezero(key, keylen + ivlen); sshbuf_free(encoded); sshbuf_free(decoded); sshbuf_free(kdf); diff --git a/umac.c b/umac.c index 2a6b6ae6b..23132e94e 100644 --- a/umac.c +++ b/umac.c @@ -1,4 +1,4 @@ -/* $OpenBSD: umac.c,v 1.18 2019/11/13 04:47:52 deraadt Exp $ */ +/* $OpenBSD: umac.c,v 1.19 2020/02/26 13:40:09 jsg Exp $ */ /* ----------------------------------------------------------------------- * * umac.c -- C Implementation UMAC Message Authentication @@ -1205,8 +1205,7 @@ int umac_delete(struct umac_ctx *ctx) if (ctx) { if (ALLOC_BOUNDARY) ctx = (struct umac_ctx *)ctx->free_ptr; - explicit_bzero(ctx, sizeof(*ctx) + ALLOC_BOUNDARY); - free(ctx); + freezero(ctx, sizeof(*ctx) + ALLOC_BOUNDARY); } return (1); }