From d5ba1c03278eb079438bb038266d80d7477d49cb Mon Sep 17 00:00:00 2001 From: "jsg@openbsd.org" Date: Wed, 26 Feb 2020 13:40:09 +0000 Subject: upstream: change explicit_bzero();free() to freezero() While freezero() returns early if the pointer is NULL the tests for NULL in callers are left to avoid warnings about passing an uninitialised size argument across a function boundry. ok deraadt@ djm@ OpenBSD-Commit-ID: 2660fa334fcc7cd05ec74dd99cb036f9ade6384a --- monitor.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'monitor.c') diff --git a/monitor.c b/monitor.c index 2ce89fe9..9a67d937 100644 --- a/monitor.c +++ b/monitor.c @@ -1,4 +1,4 @@ -/* $OpenBSD: monitor.c,v 1.208 2020/02/06 22:30:54 naddy Exp $ */ +/* $OpenBSD: monitor.c,v 1.209 2020/02/26 13:40:09 jsg Exp $ */ /* * Copyright 2002 Niels Provos * Copyright 2002 Markus Friedl @@ -893,8 +893,7 @@ mm_answer_authpassword(struct ssh *ssh, int sock, struct sshbuf *m) /* Only authenticate if the context is valid */ authenticated = options.password_authentication && auth_password(ssh, passwd); - explicit_bzero(passwd, plen); - free(passwd); + freezero(passwd, plen); sshbuf_reset(m); if ((r = sshbuf_put_u32(m, authenticated)) != 0) -- cgit v1.2.1