From 762ce224abc6566244e05d5038374ea434500888 Mon Sep 17 00:00:00 2001
From: mmcc <mmcc@openbsd.org>
Date: Sun, 18 Oct 2015 02:39:04 +0000
Subject: [PATCH] Use explicit_bzero() when the memory is freed directly
 afterward.

ok deraadt@
---
 usr.sbin/sasyncd/monitor.c | 16 ++++++++--------
 usr.sbin/sasyncd/pfkey.c   |  6 +++---
 2 files changed, 11 insertions(+), 11 deletions(-)

diff --git a/usr.sbin/sasyncd/monitor.c b/usr.sbin/sasyncd/monitor.c
index a02ab5dc3d0..6d5b439b7fd 100644
--- a/usr.sbin/sasyncd/monitor.c
+++ b/usr.sbin/sasyncd/monitor.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: monitor.c,v 1.20 2015/08/20 22:39:29 deraadt Exp $	*/
+/*	$OpenBSD: monitor.c,v 1.21 2015/10/18 02:39:04 mmcc Exp $	*/
 
 /*
  * Copyright (c) 2005 Håkan Olsson.  All rights reserved.
@@ -285,7 +285,7 @@ monitor_get_pfkey_snap(u_int8_t **sadb, u_int32_t *sadbsize, u_int8_t **spd,
 		}
 		rbytes = m_read(m_state.s, *sadb, *sadbsize);
 		if (rbytes < 1) {
-			memset(*sadb, 0, *sadbsize);
+			explicit_bzero(*sadb, *sadbsize);
 			free(*sadb);
 			return -1;
 		}
@@ -294,7 +294,7 @@ monitor_get_pfkey_snap(u_int8_t **sadb, u_int32_t *sadbsize, u_int8_t **spd,
 	/* Read SPD data */
 	if (m_read(m_state.s, spdsize, sizeof *spdsize) < 1) {
 		if (*sadbsize) {
-			memset(*sadb, 0, *sadbsize);
+			explicit_bzero(*sadb, *sadbsize);
 			free(*sadb);
 		}
 		return -1;
@@ -305,17 +305,17 @@ monitor_get_pfkey_snap(u_int8_t **sadb, u_int32_t *sadbsize, u_int8_t **spd,
 			log_err("monitor_get_pfkey_snap: malloc()");
 			monitor_drain_input();
 			if (*sadbsize) {
-				memset(*sadb, 0, *sadbsize);
+				explicit_bzero(*sadb, *sadbsize);
 				free(*sadb);
 			}
 			return -1;
 		}
 		rbytes = m_read(m_state.s, *spd, *spdsize);
 		if (rbytes < 1) {
-			memset(*spd, 0, *spdsize);
+			explicit_bzero(*spd, *spdsize);
 			free(*spd);
 			if (*sadbsize) {
-				memset(*sadb, 0, *sadbsize);
+				explicit_bzero(*sadb, *sadbsize);
 				free(*sadb);
 			}
 			return -1;
@@ -442,11 +442,11 @@ m_priv_pfkey_snap(int s)
 
 cleanup:
 	if (sadb_buf) {
-		memset(sadb_buf, 0, sadb_buflen);
+		explicit_bzero(sadb_buf, sadb_buflen);
 		free(sadb_buf);
 	}
 	if (spd_buf) {
-		memset(spd_buf, 0, spd_buflen);
+		explicit_bzero(spd_buf, spd_buflen);
 		free(spd_buf);
 	}
 }
diff --git a/usr.sbin/sasyncd/pfkey.c b/usr.sbin/sasyncd/pfkey.c
index 7e91fdc7122..7bc6d810270 100644
--- a/usr.sbin/sasyncd/pfkey.c
+++ b/usr.sbin/sasyncd/pfkey.c
@@ -1,4 +1,4 @@
-/*	$OpenBSD: pfkey.c,v 1.24 2015/08/20 22:39:29 deraadt Exp $	*/
+/*	$OpenBSD: pfkey.c,v 1.25 2015/10/18 02:39:04 mmcc Exp $	*/
 
 /*
  * Copyright (c) 2005 Håkan Olsson.  All rights reserved.
@@ -496,7 +496,7 @@ pfkey_snapshot(void *v)
 				    m->sadb_msg_len * CHUNK, p->name);
 			}
 		}
-		memset(sadb, 0, sadbsz);
+		explicit_bzero(sadb, sadbsz);
 		free(sadb);
 	}
 
@@ -527,7 +527,7 @@ pfkey_snapshot(void *v)
 			}
 		}
 		/* Cleanup. */
-		memset(spd, 0, spdsz);
+		explicit_bzero(spd, spdsz);
 		free(spd);
 	}
 
-- 
2.20.1