From a5103f413bde6f31bff85d6e1fd29799c647d765 Mon Sep 17 00:00:00 2001 From: Damien Miller Date: Tue, 4 Feb 2014 11:20:14 +1100 Subject: - djm@cvs.openbsd.org 2014/02/02 03:44:32 [auth1.c auth2-chall.c auth2-passwd.c authfile.c bufaux.c bufbn.c] [buffer.c cipher-3des1.c cipher.c clientloop.c gss-serv.c kex.c] [kexdhc.c kexdhs.c kexecdhc.c kexgexc.c kexecdhs.c kexgexs.c key.c] [monitor.c monitor_wrap.c packet.c readpass.c rsa.c serverloop.c] [ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c] [ssh-keygen.c ssh-rsa.c sshconnect.c sshconnect1.c sshconnect2.c] [sshd.c] convert memset of potentially-private data to explicit_bzero() --- ssh-ed25519.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'ssh-ed25519.c') diff --git a/ssh-ed25519.c b/ssh-ed25519.c index 1aedcf83..56c480df 100644 --- a/ssh-ed25519.c +++ b/ssh-ed25519.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-ed25519.c,v 1.1 2013/12/06 13:39:49 markus Exp $ */ +/* $OpenBSD: ssh-ed25519.c,v 1.2 2014/02/02 03:44:31 djm Exp $ */ /* * Copyright (c) 2013 Markus Friedl * @@ -66,7 +66,7 @@ ssh_ed25519_sign(const Key *key, u_char **sigp, u_int *lenp, memcpy(*sigp, buffer_ptr(&b), len); } buffer_free(&b); - memset(sig, 's', slen); + explicit_bzero(sig, slen); free(sig); return 0; @@ -130,9 +130,9 @@ ssh_ed25519_verify(const Key *key, const u_char *signature, u_int signaturelen, } /* XXX compare 'm' and 'data' ? */ - memset(sigblob, 's', len); - memset(sm, 'S', smlen); - memset(m, 'm', smlen); /* NB. mlen may be invalid if ret != 0 */ + explicit_bzero(sigblob, len); + explicit_bzero(sm, smlen); + explicit_bzero(m, smlen); /* NB. mlen may be invalid if ret != 0 */ free(sigblob); free(sm); free(m); -- cgit v1.2.1