From: mmcc <mmcc@openbsd.org>
Date: Sun, 18 Oct 2015 02:30:53 +0000 (+0000)
Subject: Use explicit_bzero() when the memory is freed directly afterward.
X-Git-Url: http://artulab.com/gitweb/?a=commitdiff_plain;h=83231f75ff94329d5fb32566280cef48d170a048;p=openbsd

Use explicit_bzero() when the memory is freed directly afterward.

ok deraadt@
---

diff --git a/sbin/ipsecctl/pfkey.c b/sbin/ipsecctl/pfkey.c
index 6761fa848ec..d14f1e5cc20 100644
--- a/sbin/ipsecctl/pfkey.c
+++ b/sbin/ipsecctl/pfkey.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: pfkey.c,v 1.54 2014/11/03 03:22:22 deraadt Exp $	*/
+/*	$OpenBSD: pfkey.c,v 1.55 2015/10/18 02:30:53 mmcc Exp $	*/
 /*
  * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org>
  * Copyright (c) 2003, 2004 Markus Friedl <markus@openbsd.org>
@@ -780,7 +780,7 @@ pfkey_reply(int sd, u_int8_t **datap, ssize_t *lenp)
 		err(1, "pfkey_reply: malloc");
 	if (read(sd, data, len) != len) {
 		warn("PF_KEY short read");
-		bzero(data, len);
+		explicit_bzero(data, len);
 		free(data);
 		return -1;
 	}
@@ -789,7 +789,7 @@ pfkey_reply(int sd, u_int8_t **datap, ssize_t *lenp)
 		if (lenp)
 			*lenp = len;
 	} else {
-		bzero(data, len);
+		explicit_bzero(data, len);
 		free(data);
 	}
 	if (datap == NULL && hdr.sadb_msg_errno != 0) {
@@ -1341,7 +1341,7 @@ pfkey_monitor(int opts)
 		pfkey_monitor_sa(msg, opts);
 		if (opts & IPSECCTL_OPT_VERBOSE)
 			pfkey_print_raw(data, len);
-		memset(data, 0, len);
+		explicit_bzero(data, len);
 		free(data);
 	}
 	close(fd);