- (dtucker) [openbsd-compat/arc4random.c] Use explicit_bzero instead of an

assigment that might get optimized out. ok djm@
author: Darren Tucker <dtucker@zip.com.au> 2014-06-11 05:10:00 +0200
committer: Darren Tucker <dtucker@zip.com.au> 2014-06-11 05:10:00 +0200
commit: eb012ac581fd0abc16ee86ee3a68cf07c8ce4d08 (patch)
tree: b344233d11ebffc3ba78019dfd1ef7191e67eacd
parent: - (dtucker) [sshbuf.h] Only declare ECC functions if building without (diff)
download: openssh-eb012ac581fd0abc16ee86ee3a68cf07c8ce4d08.tar.xz
openssh-eb012ac581fd0abc16ee86ee3a68cf07c8ce4d08.zip
2 files changed, 3 insertions, 1 deletions
diff --git a/ChangeLog b/ChangeLog
index 4c9458e84..e42d95a7c 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -17,6 +17,8 @@
      "doesn't bother me" deraadt@
  - (dtucker) [sshbuf.h] Only declare ECC functions if building without
    OpenSSL or if OpenSSL has ECC.
+ - (dtucker) [openbsd-compat/arc4random.c] Use explicit_bzero instead of an
+   assigment that might get optimized out.  ok djm@
 
 20140527
  - (djm) [cipher.c] Fix merge botch.
diff --git a/openbsd-compat/arc4random.c b/openbsd-compat/arc4random.c
index eac073cc0..fa0d6301a 100644
--- a/openbsd-compat/arc4random.c
+++ b/openbsd-compat/arc4random.c
@@ -229,7 +229,7 @@ arc4random_buf(void *_buf, size_t n)
 		buf[i] = r & 0xff;
 		r >>= 8;
 	}
-	i = r = 0;
+	explicit_bzero(&r, sizeof(r));
 }
 #endif /* !defined(HAVE_ARC4RANDOM_BUF) && defined(HAVE_ARC4RANDOM) */
author	Darren Tucker <dtucker@zip.com.au>	2014-06-11 05:10:00 +0200
committer	Darren Tucker <dtucker@zip.com.au>	2014-06-11 05:10:00 +0200
commit	eb012ac581fd0abc16ee86ee3a68cf07c8ce4d08 (patch)
tree	b344233d11ebffc3ba78019dfd1ef7191e67eacd
parent	- (dtucker) [sshbuf.h] Only declare ECC functions if building without (diff)
download	openssh-eb012ac581fd0abc16ee86ee3a68cf07c8ce4d08.tar.xz openssh-eb012ac581fd0abc16ee86ee3a68cf07c8ce4d08.zip