Hi,
You want explicit_bzero(3) for these buffers.
Zeroing a buffer is compiler- and system-dependent, so I added a
new macro. I'll send a pull request upstream if this goes in.
--
Scott Cheloha
Index: usr.sbin/pppd/auth.c
===================================================================
RCS file: /cvs/src/usr.sbin/pppd/auth.c,v
retrieving revision 1.38
diff -u -p -r1.38 auth.c
--- usr.sbin/pppd/auth.c 24 Jun 2016 17:22:56 -0000 1.38
+++ usr.sbin/pppd/auth.c 12 Nov 2017 01:09:24 -0000
@@ -399,7 +399,7 @@ auth_withpeer_fail(unit, protocol)
int unit, protocol;
{
if (passwd_from_file)
- BZERO(passwd, MAXSECRETLEN);
+ EXPLICIT_BZERO(passwd, MAXSECRETLEN);
/*
* We've failed to authenticate ourselves to our peer.
* He'll probably take the link down, and there's not much
@@ -422,12 +422,12 @@ auth_withpeer_success(unit, protocol)
break;
case PPP_PAP:
if (passwd_from_file)
- BZERO(passwd, MAXSECRETLEN);
+ EXPLICIT_BZERO(passwd, MAXSECRETLEN);
bit = PAP_WITHPEER;
break;
default:
syslog(LOG_WARNING, "auth_peer_success: unknown protocol %x",
- protocol);
+ protocol);
bit = 0;
}
@@ -718,8 +718,8 @@ check_passwd(unit, auser, userlen, apass
set_allowed_addrs(unit, addrs);
}
- BZERO(passwd, sizeof(passwd));
- BZERO(secret, sizeof(secret));
+ EXPLICIT_BZERO(passwd, sizeof(passwd));
+ EXPLICIT_BZERO(secret, sizeof(secret));
return ret;
}
@@ -825,7 +825,7 @@ null_login(unit)
i = scan_authfile(f, "", our_name, (u_int32_t)0, secret, &addrs, filename);
ret = i >= 0 && (i & NONWILD_CLIENT) != 0 && secret[0] == 0;
- BZERO(secret, sizeof(secret));
+ EXPLICIT_BZERO(secret, sizeof(secret));
if (ret)
set_allowed_addrs(unit, addrs);
@@ -864,7 +864,7 @@ get_pap_passwd(passwd)
return 0;
if (passwd != NULL)
strlcpy(passwd, secret, MAXSECRETLEN);
- BZERO(secret, sizeof(secret));
+ EXPLICIT_BZERO(secret, sizeof(secret));
return 1;
}
@@ -978,7 +978,7 @@ get_secret(unit, client, server, secret,
len = MAXSECRETLEN;
}
BCOPY(secbuf, secret, len);
- BZERO(secbuf, sizeof(secbuf));
+ EXPLICIT_BZERO(secbuf, sizeof(secbuf));
*secret_len = len;
return 1;
Index: usr.sbin/pppd/chap.c
===================================================================
RCS file: /cvs/src/usr.sbin/pppd/chap.c,v
retrieving revision 1.18
diff -u -p -r1.18 chap.c
--- usr.sbin/pppd/chap.c 15 Jan 2015 23:19:48 -0000 1.18
+++ usr.sbin/pppd/chap.c 12 Nov 2017 01:09:24 -0000
@@ -470,7 +470,7 @@ ChapReceiveChallenge(cstate, inp, id, le
return;
}
- BZERO(secret, sizeof(secret));
+ EXPLICIT_BZERO(secret, sizeof(secret));
ChapSendResponse(cstate);
}
@@ -576,7 +576,7 @@ ChapReceiveResponse(cstate, inp, id, len
}
}
- BZERO(secret, sizeof(secret));
+ EXPLICIT_BZERO(secret, sizeof(secret));
ChapSendStatus(cstate, code);
if (code == CHAP_SUCCESS) {
Index: usr.sbin/pppd/pppd.h
===================================================================
RCS file: /cvs/src/usr.sbin/pppd/pppd.h,v
retrieving revision 1.21
diff -u -p -r1.21 pppd.h
--- usr.sbin/pppd/pppd.h 6 Dec 2015 12:00:16 -0000 1.21
+++ usr.sbin/pppd/pppd.h 12 Nov 2017 01:09:24 -0000
@@ -403,6 +403,7 @@ extern struct option_info devnam_info;
#define BCOPY(s, d, l) memcpy(d, s, l)
#define BMOVE(s, d, l) memmove(d, s, l)
#define BZERO(s, n) memset(s, 0, n)
+#define EXPLICIT_BZERO(s, n) explicit_bzero(s, n)
#define EXIT(u) quit()
#define PRINTMSG(m, l) { m[l] = '\0'; syslog(LOG_INFO, "Remote message: %s",
m); }
Index: usr.sbin/pppd/upap.c
===================================================================
RCS file: /cvs/src/usr.sbin/pppd/upap.c,v
retrieving revision 1.10
diff -u -p -r1.10 upap.c
--- usr.sbin/pppd/upap.c 27 Oct 2009 23:59:53 -0000 1.10
+++ usr.sbin/pppd/upap.c 12 Nov 2017 01:09:24 -0000
@@ -402,7 +402,7 @@ upap_rauthreq(u, inp, id, len)
*/
retcode = check_passwd(u->us_unit, ruser, ruserlen, rpasswd,
rpasswdlen, &msg, &msglen);
- BZERO(rpasswd, rpasswdlen);
+ EXPLICIT_BZERO(rpasswd, rpasswdlen);
upap_sresp(u, retcode, id, msg, msglen);
