Drop some unnecessary NULL checks, explicitly bzero sensitive memory.
Index: config.c
===================================================================
RCS file: /cvs/src/sbin/iked/config.c,v
retrieving revision 1.37
diff -u -p -r1.37 config.c
--- config.c 21 Aug 2015 11:59:27 -0000 1.37
+++ config.c 19 Sep 2015 18:05:32 -0000
@@ -142,8 +142,7 @@ config_free_sa(struct iked *env, struct
ibuf_release(sa->sa_rcert.id_buf);
ibuf_release(sa->sa_eap.id_buf);
- if (sa->sa_eapid != NULL)
- free(sa->sa_eapid);
+ free(sa->sa_eapid);
ibuf_release(sa->sa_eapmsk);
free(sa);
@@ -779,8 +778,7 @@ config_setocsp(struct iked *env)
int
config_getocsp(struct iked *env, struct imsg *imsg)
{
- if (env->sc_ocsp_url)
- free(env->sc_ocsp_url);
+ free(env->sc_ocsp_url);
if (IMSG_DATA_SIZE(imsg) > 0)
env->sc_ocsp_url = get_string(imsg->data, IMSG_DATA_SIZE(imsg));
else
Index: iked.c
===================================================================
RCS file: /cvs/src/sbin/iked/iked.c,v
retrieving revision 1.25
diff -u -p -r1.25 iked.c
--- iked.c 21 Aug 2015 11:59:27 -0000 1.25
+++ iked.c 19 Sep 2015 18:05:32 -0000
@@ -383,8 +383,7 @@ parent_dispatch_ca(int fd, struct privse
if (IMSG_DATA_SIZE(imsg) > 0)
str = get_string(imsg->data, IMSG_DATA_SIZE(imsg));
parent_reload(env, 0, str);
- if (str != NULL)
- free(str);
+ free(str);
break;
case IMSG_OCSP_FD:
ocsp_connect(env);
Index: ikev2.c
===================================================================
RCS file: /cvs/src/sbin/iked/ikev2.c,v
retrieving revision 1.123
diff -u -p -r1.123 ikev2.c
--- ikev2.c 21 Aug 2015 11:59:27 -0000 1.123
+++ ikev2.c 19 Sep 2015 18:05:33 -0000
@@ -4123,8 +4123,7 @@ ikev2_sa_tag(struct iked_sa *sa, struct
int ret = -1;
size_t len;
- if (sa->sa_tag != NULL)
- free(sa->sa_tag);
+ free(sa->sa_tag);
sa->sa_tag = NULL;
format = sa->sa_policy->pol_tag;
Index: ikev2_msg.c
===================================================================
RCS file: /cvs/src/sbin/iked/ikev2_msg.c,v
retrieving revision 1.43
diff -u -p -r1.43 ikev2_msg.c
--- ikev2_msg.c 21 Aug 2015 11:59:27 -0000 1.43
+++ ikev2_msg.c 19 Sep 2015 18:05:33 -0000
@@ -777,8 +777,7 @@ ikev2_msg_authverify(struct iked *env, s
}
done:
- if (psk != NULL)
- free(psk);
+ free(psk);
dsa_free(dsa);
return (ret);
@@ -859,8 +858,7 @@ ikev2_msg_authsign(struct iked *env, str
ret = 0;
done:
- if (psk != NULL)
- free(psk);
+ free(psk);
dsa_free(dsa);
return (ret);
Index: ikev2_pld.c
===================================================================
RCS file: /cvs/src/sbin/iked/ikev2_pld.c,v
retrieving revision 1.52
diff -u -p -r1.52 ikev2_pld.c
--- ikev2_pld.c 21 Aug 2015 11:59:27 -0000 1.52
+++ ikev2_pld.c 19 Sep 2015 18:05:33 -0000
@@ -1480,10 +1480,8 @@ ikev2_pld_delete(struct iked *env, struc
}
done:
- if (localspi)
- free(localspi);
- if (peersas)
- free(peersas);
+ free(localspi);
+ free(peersas);
ibuf_release(resp);
return (ret);
}
Index: pfkey.c
===================================================================
RCS file: /cvs/src/sbin/iked/pfkey.c,v
retrieving revision 1.45
diff -u -p -r1.45 pfkey.c
--- pfkey.c 26 Aug 2015 02:09:29 -0000 1.45
+++ pfkey.c 19 Sep 2015 18:05:33 -0000
@@ -411,10 +411,8 @@ pfkey_flow(int sd, uint8_t satype, uint8
ret = pfkey_write(sd, &smsg, iov, iov_cnt, NULL, NULL);
- if (sa_srcid)
- free(sa_srcid);
- if (sa_dstid)
- free(sa_dstid);
+ free(sa_srcid);
+ free(sa_dstid);
return (ret);
}
@@ -831,7 +829,7 @@ pfkey_sa_last_used(int sd, struct iked_c
log_debug("%s: last_used %llu", __func__, *last_used);
done:
- bzero(data, n);
+ explicit_bzero(data, n);
free(data);
return (ret);
}
@@ -939,7 +937,7 @@ pfkey_sa_getspi(int sd, uint8_t satype,
log_debug("%s: spi 0x%08x", __func__, *spip);
done:
- bzero(data, n);
+ explicit_bzero(data, n);
free(data);
return (ret);
}
