1
0

patch-sshconnect2_c 2.2 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071
  1. --- openssh-5.3p1.orig/sshconnect2.c 2009-03-05 14:58:22.000000000 +0100
  2. +++ openssh-5.3p1/sshconnect2.c 2009-12-05 12:10:19.000000000 +0100
  3. @@ -922,14 +922,14 @@ jpake_password_to_secret(Authctxt *authc
  4. &secret, &secret_len) != 0)
  5. fatal("%s: hash_buffer", __func__);
  6. - bzero(password, strlen(password));
  7. - bzero(crypted, strlen(crypted));
  8. + memset(password, 0, strlen(password));
  9. + memset(crypted, 0, strlen(crypted));
  10. xfree(password);
  11. xfree(crypted);
  12. if ((ret = BN_bin2bn(secret, secret_len, NULL)) == NULL)
  13. fatal("%s: BN_bin2bn (secret)", __func__);
  14. - bzero(secret, secret_len);
  15. + memset(secret, 0, secret_len);
  16. xfree(secret);
  17. return ret;
  18. @@ -966,8 +966,8 @@ input_userauth_jpake_server_step1(int ty
  19. /* Obtain password and derive secret */
  20. pctx->s = jpake_password_to_secret(authctxt, crypt_scheme, salt);
  21. - bzero(crypt_scheme, strlen(crypt_scheme));
  22. - bzero(salt, strlen(salt));
  23. + memset(crypt_scheme, 0, strlen(crypt_scheme));
  24. + memset(salt, 0, strlen(salt));
  25. xfree(crypt_scheme);
  26. xfree(salt);
  27. JPAKE_DEBUG_BN((pctx->s, "%s: s = ", __func__));
  28. @@ -982,8 +982,8 @@ input_userauth_jpake_server_step1(int ty
  29. &pctx->a,
  30. &x2_s_proof, &x2_s_proof_len);
  31. - bzero(x3_proof, x3_proof_len);
  32. - bzero(x4_proof, x4_proof_len);
  33. + memset(x3_proof, 0, x3_proof_len);
  34. + memset(x4_proof, 0, x4_proof_len);
  35. xfree(x3_proof);
  36. xfree(x4_proof);
  37. @@ -995,7 +995,7 @@ input_userauth_jpake_server_step1(int ty
  38. packet_put_string(x2_s_proof, x2_s_proof_len);
  39. packet_send();
  40. - bzero(x2_s_proof, x2_s_proof_len);
  41. + memset(x2_s_proof, 0, x2_s_proof_len);
  42. xfree(x2_s_proof);
  43. /* Expect step 2 packet from peer */
  44. @@ -1035,7 +1035,7 @@ input_userauth_jpake_server_step2(int ty
  45. &pctx->k,
  46. &pctx->h_k_cid_sessid, &pctx->h_k_cid_sessid_len);
  47. - bzero(x4_s_proof, x4_s_proof_len);
  48. + memset(x4_s_proof, 0, x4_s_proof_len);
  49. xfree(x4_s_proof);
  50. JPAKE_DEBUG_CTX((pctx, "confirm sending in %s", __func__));
  51. @@ -1701,8 +1701,8 @@ userauth_jpake(Authctxt *authctxt)
  52. packet_put_string(x2_proof, x2_proof_len);
  53. packet_send();
  54. - bzero(x1_proof, x1_proof_len);
  55. - bzero(x2_proof, x2_proof_len);
  56. + memset(x1_proof, 0, x1_proof_len);
  57. + memset(x2_proof, 0, x2_proof_len);
  58. xfree(x1_proof);
  59. xfree(x2_proof);