f0757b41ab
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar> Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
580 lines
17 KiB
Diff
580 lines
17 KiB
Diff
Switch usage of SUSv3-deprecated bzero(a,b) to memset(a, 0, b).
|
|
|
|
Signed-off-by: Gustavo Zacarias <gustavo@zacarias.com.ar>
|
|
|
|
diff -Nura openssh-6.3p1.orig/auth2-chall.c openssh-6.3p1/auth2-chall.c
|
|
--- openssh-6.3p1.orig/auth2-chall.c 2013-06-01 18:31:18.000000000 -0300
|
|
+++ openssh-6.3p1/auth2-chall.c 2013-10-22 09:47:38.665516102 -0300
|
|
@@ -148,7 +148,7 @@
|
|
if (kbdintctxt->device)
|
|
kbdint_reset_device(kbdintctxt);
|
|
free(kbdintctxt->devices);
|
|
- bzero(kbdintctxt, sizeof(*kbdintctxt));
|
|
+ memset(kbdintctxt, 0, sizeof(*kbdintctxt));
|
|
free(kbdintctxt);
|
|
}
|
|
/* get next device */
|
|
diff -Nura openssh-6.3p1.orig/auth2-jpake.c openssh-6.3p1/auth2-jpake.c
|
|
--- openssh-6.3p1.orig/auth2-jpake.c 2013-06-01 18:31:18.000000000 -0300
|
|
+++ openssh-6.3p1/auth2-jpake.c 2013-10-22 09:43:32.504472356 -0300
|
|
@@ -178,7 +178,7 @@
|
|
fatal("%s: not enough bytes for rawsalt (want %u have %u)",
|
|
__func__, len, digest_len);
|
|
memcpy(rawsalt, digest, len);
|
|
- bzero(digest, digest_len);
|
|
+ memset(digest, 0, digest_len);
|
|
free(digest);
|
|
}
|
|
|
|
@@ -203,10 +203,10 @@
|
|
fatal("%s: want %u", __func__, want);
|
|
|
|
derive_rawsalt(user, rawsalt, sizeof(rawsalt));
|
|
- bzero(ret, sizeof(ret));
|
|
+ memset(ret, 0, sizeof(ret));
|
|
for (i = 0; i < want; i++)
|
|
ret[i] = pw_encode64(rawsalt[i]);
|
|
- bzero(rawsalt, sizeof(rawsalt));
|
|
+ memset(rawsalt, 0, sizeof(rawsalt));
|
|
|
|
return ret;
|
|
}
|
|
@@ -360,7 +360,7 @@
|
|
debug3("%s: scheme = %s", __func__, *hash_scheme);
|
|
JPAKE_DEBUG_BN((*s, "%s: s = ", __func__));
|
|
#endif
|
|
- bzero(secret, secret_len);
|
|
+ memset(secret, 0, secret_len);
|
|
free(secret);
|
|
}
|
|
|
|
@@ -401,12 +401,12 @@
|
|
packet_send();
|
|
packet_write_wait();
|
|
|
|
- bzero(hash_scheme, strlen(hash_scheme));
|
|
- bzero(salt, strlen(salt));
|
|
+ memset(hash_scheme, 0, strlen(hash_scheme));
|
|
+ memset(salt, 0, strlen(salt));
|
|
free(hash_scheme);
|
|
free(salt);
|
|
- bzero(x3_proof, x3_proof_len);
|
|
- bzero(x4_proof, x4_proof_len);
|
|
+ memset(x3_proof, 0, x3_proof_len);
|
|
+ memset(x4_proof, 0, x4_proof_len);
|
|
free(x3_proof);
|
|
free(x4_proof);
|
|
|
|
@@ -453,8 +453,8 @@
|
|
&pctx->b,
|
|
&x4_s_proof, &x4_s_proof_len));
|
|
|
|
- bzero(x1_proof, x1_proof_len);
|
|
- bzero(x2_proof, x2_proof_len);
|
|
+ memset(x1_proof, 0, x1_proof_len);
|
|
+ memset(x2_proof, 0, x2_proof_len);
|
|
free(x1_proof);
|
|
free(x2_proof);
|
|
|
|
@@ -468,7 +468,7 @@
|
|
packet_send();
|
|
packet_write_wait();
|
|
|
|
- bzero(x4_s_proof, x4_s_proof_len);
|
|
+ memset(x4_s_proof, 0, x4_s_proof_len);
|
|
free(x4_s_proof);
|
|
|
|
/* Expect step 2 packet from peer */
|
|
@@ -509,7 +509,7 @@
|
|
&pctx->k,
|
|
&pctx->h_k_sid_sessid, &pctx->h_k_sid_sessid_len));
|
|
|
|
- bzero(x2_s_proof, x2_s_proof_len);
|
|
+ memset(x2_s_proof, 0, x2_s_proof_len);
|
|
free(x2_s_proof);
|
|
|
|
if (!use_privsep)
|
|
diff -Nura openssh-6.3p1.orig/authfd.c openssh-6.3p1/authfd.c
|
|
--- openssh-6.3p1.orig/authfd.c 2013-06-01 18:31:18.000000000 -0300
|
|
+++ openssh-6.3p1/authfd.c 2013-10-22 09:47:48.208827946 -0300
|
|
@@ -102,7 +102,7 @@
|
|
if (!authsocket)
|
|
return -1;
|
|
|
|
- bzero(&sunaddr, sizeof(sunaddr));
|
|
+ memset(&sunaddr, 0, sizeof(sunaddr));
|
|
sunaddr.sun_family = AF_UNIX;
|
|
strlcpy(sunaddr.sun_path, authsocket, sizeof(sunaddr.sun_path));
|
|
|
|
diff -Nura openssh-6.3p1.orig/authfile.c openssh-6.3p1/authfile.c
|
|
--- openssh-6.3p1.orig/authfile.c 2013-06-01 18:31:18.000000000 -0300
|
|
+++ openssh-6.3p1/authfile.c 2013-10-22 09:47:08.538531649 -0300
|
|
@@ -349,17 +349,17 @@
|
|
__func__, filename == NULL ? "" : filename,
|
|
filename == NULL ? "" : " ", strerror(errno));
|
|
buffer_clear(blob);
|
|
- bzero(buf, sizeof(buf));
|
|
+ memset(buf, 0, sizeof(buf));
|
|
return 0;
|
|
}
|
|
buffer_append(blob, buf, len);
|
|
if (buffer_len(blob) > MAX_KEY_FILE_SIZE) {
|
|
buffer_clear(blob);
|
|
- bzero(buf, sizeof(buf));
|
|
+ memset(buf, 0, sizeof(buf));
|
|
goto toobig;
|
|
}
|
|
}
|
|
- bzero(buf, sizeof(buf));
|
|
+ memset(buf, 0, sizeof(buf));
|
|
if ((st.st_mode & (S_IFSOCK|S_IFCHR|S_IFIFO)) == 0 &&
|
|
st.st_size != buffer_len(blob)) {
|
|
debug("%s: key file %.200s%schanged size while reading",
|
|
diff -Nura openssh-6.3p1.orig/bufaux.c openssh-6.3p1/bufaux.c
|
|
--- openssh-6.3p1.orig/bufaux.c 2013-07-18 03:12:44.000000000 -0300
|
|
+++ openssh-6.3p1/bufaux.c 2013-10-22 09:47:56.220089728 -0300
|
|
@@ -215,7 +215,7 @@
|
|
if (cp == ret + length - 1)
|
|
error("buffer_get_cstring_ret: string contains \\0");
|
|
else {
|
|
- bzero(ret, length);
|
|
+ memset(ret, 0, length);
|
|
free(ret);
|
|
return NULL;
|
|
}
|
|
diff -Nura openssh-6.3p1.orig/bufec.c openssh-6.3p1/bufec.c
|
|
--- openssh-6.3p1.orig/bufec.c 2013-06-01 18:31:18.000000000 -0300
|
|
+++ openssh-6.3p1/bufec.c 2013-10-22 09:48:07.798468072 -0300
|
|
@@ -77,7 +77,7 @@
|
|
ret = 0;
|
|
out:
|
|
if (buf != NULL) {
|
|
- bzero(buf, len);
|
|
+ memset(buf, 0, len);
|
|
free(buf);
|
|
}
|
|
BN_CTX_free(bnctx);
|
|
@@ -130,7 +130,7 @@
|
|
ret = 0;
|
|
out:
|
|
BN_CTX_free(bnctx);
|
|
- bzero(buf, len);
|
|
+ memset(buf, 0, len);
|
|
free(buf);
|
|
return ret;
|
|
}
|
|
diff -Nura openssh-6.3p1.orig/canohost.c openssh-6.3p1/canohost.c
|
|
--- openssh-6.3p1.orig/canohost.c 2013-06-01 18:31:18.000000000 -0300
|
|
+++ openssh-6.3p1/canohost.c 2013-10-22 09:48:16.484751912 -0300
|
|
@@ -199,7 +199,7 @@
|
|
memcpy(&inaddr, ((char *)&a6->sin6_addr) + 12, sizeof(inaddr));
|
|
port = a6->sin6_port;
|
|
|
|
- bzero(a4, sizeof(*a4));
|
|
+ memset(a4, 0, sizeof(*a4));
|
|
|
|
a4->sin_family = AF_INET;
|
|
*len = sizeof(*a4);
|
|
diff -Nura openssh-6.3p1.orig/channels.c openssh-6.3p1/channels.c
|
|
--- openssh-6.3p1.orig/channels.c 2013-09-13 03:19:31.000000000 -0300
|
|
+++ openssh-6.3p1/channels.c 2013-10-22 09:50:37.059773902 -0300
|
|
@@ -423,7 +423,7 @@
|
|
if (cc->abandon_cb != NULL)
|
|
cc->abandon_cb(c, cc->ctx);
|
|
TAILQ_REMOVE(&c->status_confirms, cc, entry);
|
|
- bzero(cc, sizeof(*cc));
|
|
+ memset(cc, 0, sizeof(*cc));
|
|
free(cc);
|
|
}
|
|
if (c->filter_cleanup != NULL && c->filter_ctx != NULL)
|
|
@@ -2668,7 +2668,7 @@
|
|
return;
|
|
cc->cb(type, c, cc->ctx);
|
|
TAILQ_REMOVE(&c->status_confirms, cc, entry);
|
|
- bzero(cc, sizeof(*cc));
|
|
+ memset(cc, 0, sizeof(*cc));
|
|
free(cc);
|
|
}
|
|
|
|
@@ -3289,7 +3289,7 @@
|
|
free(cctx->host);
|
|
if (cctx->aitop)
|
|
freeaddrinfo(cctx->aitop);
|
|
- bzero(cctx, sizeof(*cctx));
|
|
+ memset(cctx, 0, sizeof(*cctx));
|
|
cctx->host = NULL;
|
|
cctx->ai = cctx->aitop = NULL;
|
|
}
|
|
diff -Nura openssh-6.3p1.orig/clientloop.c openssh-6.3p1/clientloop.c
|
|
--- openssh-6.3p1.orig/clientloop.c 2013-06-10 00:07:12.000000000 -0300
|
|
+++ openssh-6.3p1/clientloop.c 2013-10-22 09:50:20.361228247 -0300
|
|
@@ -549,7 +549,7 @@
|
|
gc->cb(type, seq, gc->ctx);
|
|
if (--gc->ref_count <= 0) {
|
|
TAILQ_REMOVE(&global_confirms, gc, entry);
|
|
- bzero(gc, sizeof(*gc));
|
|
+ memset(gc, 0, sizeof(*gc));
|
|
free(gc);
|
|
}
|
|
|
|
@@ -876,7 +876,7 @@
|
|
int cancel_port, ok;
|
|
Forward fwd;
|
|
|
|
- bzero(&fwd, sizeof(fwd));
|
|
+ memset(&fwd, 0, sizeof(fwd));
|
|
fwd.listen_host = fwd.connect_host = NULL;
|
|
|
|
leave_raw_mode(options.request_tty == REQUEST_TTY_FORCE);
|
|
diff -Nura openssh-6.3p1.orig/hostfile.c openssh-6.3p1/hostfile.c
|
|
--- openssh-6.3p1.orig/hostfile.c 2013-07-18 03:12:45.000000000 -0300
|
|
+++ openssh-6.3p1/hostfile.c 2013-10-22 09:50:06.438773307 -0300
|
|
@@ -333,10 +333,10 @@
|
|
free(hostkeys->entries[i].host);
|
|
free(hostkeys->entries[i].file);
|
|
key_free(hostkeys->entries[i].key);
|
|
- bzero(hostkeys->entries + i, sizeof(*hostkeys->entries));
|
|
+ memset(hostkeys->entries + i, 0, sizeof(*hostkeys->entries));
|
|
}
|
|
free(hostkeys->entries);
|
|
- bzero(hostkeys, sizeof(*hostkeys));
|
|
+ memset(hostkeys, 0, sizeof(*hostkeys));
|
|
free(hostkeys);
|
|
}
|
|
|
|
diff -Nura openssh-6.3p1.orig/jpake.c openssh-6.3p1/jpake.c
|
|
--- openssh-6.3p1.orig/jpake.c 2013-06-01 18:31:18.000000000 -0300
|
|
+++ openssh-6.3p1/jpake.c 2013-10-22 09:49:54.371378983 -0300
|
|
@@ -105,7 +105,7 @@
|
|
#define JPAKE_BUF_CLEAR_FREE(v, l) \
|
|
do { \
|
|
if ((v) != NULL) { \
|
|
- bzero((v), (l)); \
|
|
+ memset((v), 0, (l)); \
|
|
free(v); \
|
|
(v) = NULL; \
|
|
(l) = 0; \
|
|
@@ -133,7 +133,7 @@
|
|
#undef JPAKE_BN_CLEAR_FREE
|
|
#undef JPAKE_BUF_CLEAR_FREE
|
|
|
|
- bzero(pctx, sizeof(*pctx));
|
|
+ memset(pctx, 0, sizeof(*pctx));
|
|
free(pctx);
|
|
}
|
|
|
|
@@ -444,7 +444,7 @@
|
|
else if (timingsafe_bcmp(peer_confirm_hash, expected_confirm_hash,
|
|
expected_confirm_hash_len) == 0)
|
|
success = 1;
|
|
- bzero(expected_confirm_hash, expected_confirm_hash_len);
|
|
+ memset(expected_confirm_hash, 0, expected_confirm_hash_len);
|
|
free(expected_confirm_hash);
|
|
debug3("%s: success = %d", __func__, success);
|
|
return success;
|
|
diff -Nura openssh-6.3p1.orig/krl.c openssh-6.3p1/krl.c
|
|
--- openssh-6.3p1.orig/krl.c 2013-07-24 22:52:49.000000000 -0300
|
|
+++ openssh-6.3p1/krl.c 2013-10-22 09:49:27.731508478 -0300
|
|
@@ -238,7 +238,7 @@
|
|
struct revoked_serial rs, *ers, *crs, *irs;
|
|
|
|
KRL_DBG(("%s: insert %llu:%llu", __func__, lo, hi));
|
|
- bzero(&rs, sizeof(rs));
|
|
+ memset(&rs, 0, sizeof(rs));
|
|
rs.lo = lo;
|
|
rs.hi = hi;
|
|
ers = RB_NFIND(revoked_serial_tree, rt, &rs);
|
|
@@ -1115,7 +1115,7 @@
|
|
struct revoked_certs *rc;
|
|
|
|
/* Check explicitly revoked hashes first */
|
|
- bzero(&rb, sizeof(rb));
|
|
+ memset(&rb, 0, sizeof(rb));
|
|
if ((rb.blob = key_fingerprint_raw(key, SSH_FP_SHA1, &rb.len)) == NULL)
|
|
return -1;
|
|
erb = RB_FIND(revoked_blob_tree, &krl->revoked_sha1s, &rb);
|
|
@@ -1126,7 +1126,7 @@
|
|
}
|
|
|
|
/* Next, explicit keys */
|
|
- bzero(&rb, sizeof(rb));
|
|
+ memset(&rb, 0, sizeof(rb));
|
|
if (plain_key_blob(key, &rb.blob, &rb.len) != 0)
|
|
return -1;
|
|
erb = RB_FIND(revoked_blob_tree, &krl->revoked_keys, &rb);
|
|
@@ -1147,7 +1147,7 @@
|
|
return 0; /* No entry for this CA */
|
|
|
|
/* Check revocation by cert key ID */
|
|
- bzero(&rki, sizeof(rki));
|
|
+ memset(&rki, 0, sizeof(rki));
|
|
rki.key_id = key->cert->key_id;
|
|
erki = RB_FIND(revoked_key_id_tree, &rc->revoked_key_ids, &rki);
|
|
if (erki != NULL) {
|
|
@@ -1162,7 +1162,7 @@
|
|
if (key_cert_is_legacy(key) || key->cert->serial == 0)
|
|
return 0;
|
|
|
|
- bzero(&rs, sizeof(rs));
|
|
+ memset(&rs, 0, sizeof(rs));
|
|
rs.lo = rs.hi = key->cert->serial;
|
|
ers = RB_FIND(revoked_serial_tree, &rc->revoked_serials, &rs);
|
|
if (ers != NULL) {
|
|
diff -Nura openssh-6.3p1.orig/monitor.c openssh-6.3p1/monitor.c
|
|
--- openssh-6.3p1.orig/monitor.c 2013-07-20 00:21:53.000000000 -0300
|
|
+++ openssh-6.3p1/monitor.c 2013-10-22 09:46:48.592879890 -0300
|
|
@@ -566,7 +566,7 @@
|
|
struct pollfd pfd[2];
|
|
|
|
for (;;) {
|
|
- bzero(&pfd, sizeof(pfd));
|
|
+ memset(&pfd, 0, sizeof(pfd));
|
|
pfd[0].fd = pmonitor->m_sendfd;
|
|
pfd[0].events = POLLIN;
|
|
pfd[1].fd = pmonitor->m_log_recvfd;
|
|
@@ -2193,8 +2193,8 @@
|
|
debug3("%s: sending step1", __func__);
|
|
mm_request_send(sock, MONITOR_ANS_JPAKE_STEP1, m);
|
|
|
|
- bzero(x3_proof, x3_proof_len);
|
|
- bzero(x4_proof, x4_proof_len);
|
|
+ memset(x3_proof, 0, x3_proof_len);
|
|
+ memset(x4_proof, 0, x4_proof_len);
|
|
free(x3_proof);
|
|
free(x4_proof);
|
|
|
|
@@ -2223,8 +2223,8 @@
|
|
debug3("%s: sending pwdata", __func__);
|
|
mm_request_send(sock, MONITOR_ANS_JPAKE_GET_PWDATA, m);
|
|
|
|
- bzero(hash_scheme, strlen(hash_scheme));
|
|
- bzero(salt, strlen(salt));
|
|
+ memset(hash_scheme, 0, strlen(hash_scheme));
|
|
+ memset(salt, 0, strlen(salt));
|
|
free(hash_scheme);
|
|
free(salt);
|
|
|
|
@@ -2263,8 +2263,8 @@
|
|
|
|
JPAKE_DEBUG_CTX((pctx, "step2 done in %s", __func__));
|
|
|
|
- bzero(x1_proof, x1_proof_len);
|
|
- bzero(x2_proof, x2_proof_len);
|
|
+ memset(x1_proof, 0, x1_proof_len);
|
|
+ memset(x2_proof, 0, x2_proof_len);
|
|
free(x1_proof);
|
|
free(x2_proof);
|
|
|
|
@@ -2276,7 +2276,7 @@
|
|
debug3("%s: sending step2", __func__);
|
|
mm_request_send(sock, MONITOR_ANS_JPAKE_STEP2, m);
|
|
|
|
- bzero(x4_s_proof, x4_s_proof_len);
|
|
+ memset(x4_s_proof, 0, x4_s_proof_len);
|
|
free(x4_s_proof);
|
|
|
|
monitor_permit(mon_dispatch, MONITOR_REQ_JPAKE_KEY_CONFIRM, 1);
|
|
@@ -2310,7 +2310,7 @@
|
|
|
|
JPAKE_DEBUG_CTX((pctx, "key_confirm done in %s", __func__));
|
|
|
|
- bzero(x2_s_proof, x2_s_proof_len);
|
|
+ memset(x2_s_proof, 0, x2_s_proof_len);
|
|
buffer_clear(m);
|
|
|
|
/* pctx->k is sensitive, not sent */
|
|
@@ -2344,7 +2344,7 @@
|
|
|
|
JPAKE_DEBUG_CTX((pctx, "check_confirm done in %s", __func__));
|
|
|
|
- bzero(peer_confirm_hash, peer_confirm_hash_len);
|
|
+ memset(peer_confirm_hash, 0, peer_confirm_hash_len);
|
|
free(peer_confirm_hash);
|
|
|
|
buffer_clear(m);
|
|
diff -Nura openssh-6.3p1.orig/sandbox-systrace.c openssh-6.3p1/sandbox-systrace.c
|
|
--- openssh-6.3p1.orig/sandbox-systrace.c 2013-06-01 18:46:17.000000000 -0300
|
|
+++ openssh-6.3p1/sandbox-systrace.c 2013-10-22 09:49:02.048669246 -0300
|
|
@@ -141,7 +141,7 @@
|
|
box->systrace_fd, child_pid, strerror(errno));
|
|
|
|
/* Allocate and assign policy */
|
|
- bzero(&policy, sizeof(policy));
|
|
+ memset(&policy, 0, sizeof(policy));
|
|
policy.strp_op = SYSTR_POLICY_NEW;
|
|
policy.strp_maxents = SYS_MAXSYSCALL;
|
|
if (ioctl(box->systrace_fd, STRIOCPOLICY, &policy) == -1)
|
|
diff -Nura openssh-6.3p1.orig/schnorr.c openssh-6.3p1/schnorr.c
|
|
--- openssh-6.3p1.orig/schnorr.c 2013-06-01 18:31:19.000000000 -0300
|
|
+++ openssh-6.3p1/schnorr.c 2013-10-22 09:47:27.631155534 -0300
|
|
@@ -101,7 +101,7 @@
|
|
SCHNORR_DEBUG_BN((h, "%s: h = ", __func__));
|
|
out:
|
|
buffer_free(&b);
|
|
- bzero(digest, digest_len);
|
|
+ memset(digest, 0, digest_len);
|
|
free(digest);
|
|
digest_len = 0;
|
|
if (success == 0)
|
|
@@ -477,7 +477,7 @@
|
|
success = 0;
|
|
out:
|
|
EVP_MD_CTX_cleanup(&evp_md_ctx);
|
|
- bzero(digest, sizeof(digest));
|
|
+ memset(digest, 0, sizeof(digest));
|
|
digest_len = 0;
|
|
return success;
|
|
}
|
|
@@ -572,7 +572,7 @@
|
|
BN_clear_free(grp->p);
|
|
if (grp->q != NULL)
|
|
BN_clear_free(grp->q);
|
|
- bzero(grp, sizeof(*grp));
|
|
+ memset(grp, 0, sizeof(*grp));
|
|
free(grp);
|
|
}
|
|
|
|
diff -Nura openssh-6.3p1.orig/session.c openssh-6.3p1/session.c
|
|
--- openssh-6.3p1.orig/session.c 2013-07-20 00:21:53.000000000 -0300
|
|
+++ openssh-6.3p1/session.c 2013-10-22 09:49:35.085748791 -0300
|
|
@@ -1861,7 +1861,7 @@
|
|
fatal("%s: insane session id %d (max %d nalloc %d)",
|
|
__func__, id, options.max_sessions, sessions_nalloc);
|
|
}
|
|
- bzero(&sessions[id], sizeof(*sessions));
|
|
+ memset(&sessions[id], 0, sizeof(*sessions));
|
|
sessions[id].self = id;
|
|
sessions[id].used = 0;
|
|
sessions[id].chanid = -1;
|
|
diff -Nura openssh-6.3p1.orig/sftp-client.c openssh-6.3p1/sftp-client.c
|
|
--- openssh-6.3p1.orig/sftp-client.c 2013-07-25 19:40:00.000000000 -0300
|
|
+++ openssh-6.3p1/sftp-client.c 2013-10-22 09:48:47.139753618 -0300
|
|
@@ -308,7 +308,7 @@
|
|
SSH2_FXP_EXTENDED_REPLY, type);
|
|
}
|
|
|
|
- bzero(st, sizeof(*st));
|
|
+ memset(st, 0, sizeof(*st));
|
|
st->f_bsize = buffer_get_int64(&msg);
|
|
st->f_frsize = buffer_get_int64(&msg);
|
|
st->f_blocks = buffer_get_int64(&msg);
|
|
diff -Nura openssh-6.3p1.orig/ssh.c openssh-6.3p1/ssh.c
|
|
--- openssh-6.3p1.orig/ssh.c 2013-07-24 22:55:53.000000000 -0300
|
|
+++ openssh-6.3p1/ssh.c 2013-10-22 09:45:52.967062218 -0300
|
|
@@ -1539,8 +1539,8 @@
|
|
#endif /* PKCS11 */
|
|
|
|
n_ids = 0;
|
|
- bzero(identity_files, sizeof(identity_files));
|
|
- bzero(identity_keys, sizeof(identity_keys));
|
|
+ memset(identity_files, 0, sizeof(identity_files));
|
|
+ memset(identity_keys, 0, sizeof(identity_keys));
|
|
|
|
#ifdef ENABLE_PKCS11
|
|
if (options.pkcs11_provider != NULL &&
|
|
@@ -1615,9 +1615,9 @@
|
|
memcpy(options.identity_files, identity_files, sizeof(identity_files));
|
|
memcpy(options.identity_keys, identity_keys, sizeof(identity_keys));
|
|
|
|
- bzero(pwname, strlen(pwname));
|
|
+ memset(pwname, 0, strlen(pwname));
|
|
free(pwname);
|
|
- bzero(pwdir, strlen(pwdir));
|
|
+ memset(pwdir, 0, strlen(pwdir));
|
|
free(pwdir);
|
|
}
|
|
|
|
diff -Nura openssh-6.3p1.orig/sshconnect2.c openssh-6.3p1/sshconnect2.c
|
|
--- openssh-6.3p1.orig/sshconnect2.c 2013-06-05 19:22:05.000000000 -0300
|
|
+++ openssh-6.3p1/sshconnect2.c 2013-10-22 09:44:58.967297681 -0300
|
|
@@ -1008,14 +1008,14 @@
|
|
&secret, &secret_len) != 0)
|
|
fatal("%s: hash_buffer", __func__);
|
|
|
|
- bzero(password, strlen(password));
|
|
- bzero(crypted, strlen(crypted));
|
|
+ memset(password, 0, strlen(password));
|
|
+ memset(crypted, 0, strlen(crypted));
|
|
free(password);
|
|
free(crypted);
|
|
|
|
if ((ret = BN_bin2bn(secret, secret_len, NULL)) == NULL)
|
|
fatal("%s: BN_bin2bn (secret)", __func__);
|
|
- bzero(secret, secret_len);
|
|
+ memset(secret, 0, secret_len);
|
|
free(secret);
|
|
|
|
return ret;
|
|
@@ -1052,8 +1052,8 @@
|
|
|
|
/* Obtain password and derive secret */
|
|
pctx->s = jpake_password_to_secret(authctxt, crypt_scheme, salt);
|
|
- bzero(crypt_scheme, strlen(crypt_scheme));
|
|
- bzero(salt, strlen(salt));
|
|
+ memset(crypt_scheme, 0, strlen(crypt_scheme));
|
|
+ memset(salt, 0, strlen(salt));
|
|
free(crypt_scheme);
|
|
free(salt);
|
|
JPAKE_DEBUG_BN((pctx->s, "%s: s = ", __func__));
|
|
@@ -1068,8 +1068,8 @@
|
|
&pctx->a,
|
|
&x2_s_proof, &x2_s_proof_len);
|
|
|
|
- bzero(x3_proof, x3_proof_len);
|
|
- bzero(x4_proof, x4_proof_len);
|
|
+ memset(x3_proof, 0, x3_proof_len);
|
|
+ memset(x4_proof, 0, x4_proof_len);
|
|
free(x3_proof);
|
|
free(x4_proof);
|
|
|
|
@@ -1081,7 +1081,7 @@
|
|
packet_put_string(x2_s_proof, x2_s_proof_len);
|
|
packet_send();
|
|
|
|
- bzero(x2_s_proof, x2_s_proof_len);
|
|
+ memset(x2_s_proof, 0, x2_s_proof_len);
|
|
free(x2_s_proof);
|
|
|
|
/* Expect step 2 packet from peer */
|
|
@@ -1121,7 +1121,7 @@
|
|
&pctx->k,
|
|
&pctx->h_k_cid_sessid, &pctx->h_k_cid_sessid_len);
|
|
|
|
- bzero(x4_s_proof, x4_s_proof_len);
|
|
+ memset(x4_s_proof, 0, x4_s_proof_len);
|
|
free(x4_s_proof);
|
|
|
|
JPAKE_DEBUG_CTX((pctx, "confirm sending in %s", __func__));
|
|
@@ -1406,7 +1406,7 @@
|
|
/* If IdentitiesOnly set and key not found then don't use it */
|
|
if (!found && options.identities_only) {
|
|
TAILQ_REMOVE(&files, id, next);
|
|
- bzero(id, sizeof(*id));
|
|
+ memset(id, 0, sizeof(*id));
|
|
free(id);
|
|
}
|
|
}
|
|
@@ -1814,8 +1814,8 @@
|
|
packet_put_string(x2_proof, x2_proof_len);
|
|
packet_send();
|
|
|
|
- bzero(x1_proof, x1_proof_len);
|
|
- bzero(x2_proof, x2_proof_len);
|
|
+ memset(x1_proof, 0, x1_proof_len);
|
|
+ memset(x2_proof, 0, x2_proof_len);
|
|
free(x1_proof);
|
|
free(x2_proof);
|
|
|
|
diff -Nura openssh-6.3p1.orig/ssh-keygen.c openssh-6.3p1/ssh-keygen.c
|
|
--- openssh-6.3p1.orig/ssh-keygen.c 2013-07-20 00:22:32.000000000 -0300
|
|
+++ openssh-6.3p1/ssh-keygen.c 2013-10-22 09:45:10.003658313 -0300
|
|
@@ -1693,7 +1693,7 @@
|
|
fatal("Invalid certificate time format %s", s);
|
|
}
|
|
|
|
- bzero(&tm, sizeof(tm));
|
|
+ memset(&tm, 0, sizeof(tm));
|
|
if (strptime(buf, fmt, &tm) == NULL)
|
|
fatal("Invalid certificate time %s", s);
|
|
if ((tt = mktime(&tm)) < 0)
|