- djm@cvs.openbsd.org 2014/02/02 03:44:32 [auth1.c auth2-chall.c auth2-passwd.c authfile.c bufaux.c bufbn.c] [buffer.c cipher-3des1.c cipher.c clientloop.c gss-serv.c kex.c] [kexdhc.c kexdhs.c kexecdhc.c kexgexc.c kexecdhs.c kexgexs.c key.c] [monitor.c monitor_wrap.c packet.c readpass.c rsa.c serverloop.c] [ssh-add.c ssh-agent.c ssh-dss.c ssh-ecdsa.c ssh-ed25519.c] [ssh-keygen.c ssh-rsa.c sshconnect.c sshconnect1.c sshconnect2.c] [sshd.c] convert memset of potentially-private data to explicit_bzero()

commit: a5103f413bde6f31bff85d6e1fd29799c647d765 [log] [tgz]
author: Damien Miller <djm@mindrot.org> Tue Feb 04 11:20:14 2014 +1100
committer: Damien Miller <djm@mindrot.org> Tue Feb 04 11:20:14 2014 +1100
tree: 0b35ad9292b2ca8d58229435865d0ec3818e5981
parent: 1d2c4564265ee827147af246a16f3777741411ed [diff] [blame]
diff --git a/auth2-chall.c b/auth2-chall.c
index 4cfd8ff..980250a 100644
--- a/auth2-chall.c
+++ b/auth2-chall.c

@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-chall.c,v 1.40 2014/01/31 16:39:19 tedu Exp $ */
+/* $OpenBSD: auth2-chall.c,v 1.41 2014/02/02 03:44:31 djm Exp $ */
 /*
  * Copyright (c) 2001 Markus Friedl.  All rights reserved.
  * Copyright (c) 2001 Per Allansson.  All rights reserved.
@@ -312,7 +312,7 @@
 	res = kbdintctxt->device->respond(kbdintctxt->ctxt, nresp, response);
 
 	for (i = 0; i < nresp; i++) {
-		memset(response[i], 'r', strlen(response[i]));
+		explicit_bzero(response[i], strlen(response[i]));
 		free(response[i]);
 	}
 	free(response);
commit	a5103f413bde6f31bff85d6e1fd29799c647d765	[log] [tgz]
author	Damien Miller <djm@mindrot.org>	Tue Feb 04 11:20:14 2014 +1100
committer	Damien Miller <djm@mindrot.org>	Tue Feb 04 11:20:14 2014 +1100
tree	0b35ad9292b2ca8d58229435865d0ec3818e5981
parent	1d2c4564265ee827147af246a16f3777741411ed [diff] [blame]