diff options
| author |   reyk <reyk@openbsd.org> | 2017-04-11 09:57:19 +0000 |
|---|---|---|
| committer | reyk <reyk@openbsd.org> | 2017-04-11 09:57:19 +0000 |
| commit | f00211be2215c47e0b35fca6de4d2cdcdf1596d3 (patch) | |
| tree | d0e416cf6d8cb1b5c2516f6647d2007688431605 /lib/libutil/imsg-buffer.c | |
| parent | Revise 'struct fpreg' and dump floating-point register in core dumps. Also (diff) | |
| download | wireguard-openbsd-f00211be2215c47e0b35fca6de4d2cdcdf1596d3.tar.xz wireguard-openbsd-f00211be2215c47e0b35fca6de4d2cdcdf1596d3.zip | |
Use freezero(3) for the imsg framework in imsg_free(3) and ibuf_free(3).
In our privsep model, imsg is often used to transport sensitive
information between processes. But a process might free an imsg, and
reuse the memory for a different thing. iked uses some
explicit_bzero() to clean imsg-buffer but doing it in the library with
the freezero() is less error-prone and also benefits other daemons.
OK deraadt@ jsing@ claudio@
Diffstat (limited to 'lib/libutil/imsg-buffer.c')
| -rw-r--r-- | lib/libutil/imsg-buffer.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/libutil/imsg-buffer.c b/lib/libutil/imsg-buffer.c index f12d4ef58c4..821cb95614e 100644 --- a/lib/libutil/imsg-buffer.c +++ b/lib/libutil/imsg-buffer.c @@ -1,4 +1,4 @@ -/* $OpenBSD: imsg-buffer.c,v 1.9 2017/03/17 14:51:26 deraadt Exp $ */ +/* $OpenBSD: imsg-buffer.c,v 1.10 2017/04/11 09:57:19 reyk Exp $ */ /* * Copyright (c) 2003, 2004 Henning Brauer <henning@openbsd.org> @@ -182,7 +182,7 @@ ibuf_free(struct ibuf *buf) { if (buf == NULL) return; - free(buf->buf); + freezero(buf->buf, buf->size); free(buf); } |