upstream: change explicit_bzero();free() to freezero()

While freezero() returns early if the pointer is NULL the tests for NULL in callers are left to avoid warnings about passing an uninitialised size argument across a function boundry. ok deraadt@ djm@ OpenBSD-Commit-ID: 2660fa334fcc7cd05ec74dd99cb036f9ade6384a
author: jsg@openbsd.org <jsg@openbsd.org> 2020-02-26 13:40:09 +0000
committer: Damien Miller <djm@mindrot.org> 2020-02-28 12:26:28 +1100
commit: d5ba1c03278eb079438bb038266d80d7477d49cb (patch)
tree: 6d8dd2d802af796bcb7c9d6d018196a448bb9ff6 /auth2-passwd.c
parent: 9e3220b585c5be19a7431ea4ff8884c137b3a81c (diff)
download: openssh-git-d5ba1c03278eb079438bb038266d80d7477d49cb.tar.gz
1 files changed, 2 insertions, 3 deletions
diff --git a/auth2-passwd.c b/auth2-passwd.c
index 6601e866..bb5f8192 100644
--- a/auth2-passwd.c
+++ b/auth2-passwd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-passwd.c,v 1.17 2019/09/06 04:53:27 djm Exp $ */
+/* $OpenBSD: auth2-passwd.c,v 1.18 2020/02/26 13:40:09 jsg Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  *
@@ -66,8 +66,7 @@ userauth_passwd(struct ssh *ssh)
 		logit("password change not supported");
 	else if (PRIVSEP(auth_password(ssh, password)) == 1)
 		authenticated = 1;
-	explicit_bzero(password, len);
-	free(password);
+	freezero(password, len);
 	return authenticated;
 }
author	jsg@openbsd.org <jsg@openbsd.org>	2020-02-26 13:40:09 +0000
committer	Damien Miller <djm@mindrot.org>	2020-02-28 12:26:28 +1100
commit	d5ba1c03278eb079438bb038266d80d7477d49cb (patch)
tree	6d8dd2d802af796bcb7c9d6d018196a448bb9ff6 /auth2-passwd.c
parent	9e3220b585c5be19a7431ea4ff8884c137b3a81c (diff)
download	openssh-git-d5ba1c03278eb079438bb038266d80d7477d49cb.tar.gz