upstream: change explicit_bzero();free() to freezero()

While freezero() returns early if the pointer is NULL the tests for
NULL in callers are left to avoid warnings about passing an
uninitialised size argument across a function boundry.

ok deraadt@ djm@

OpenBSD-Commit-ID: 2660fa334fcc7cd05ec74dd99cb036f9ade6384a

1 files changed, 7 insertions, 13 deletions

diff --git a/ssh-ed25519.c b/ssh-ed25519.c
index 5163e0297..7dee82707 100644
--- a/ssh-ed25519.c
+++ b/ssh-ed25519.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-ed25519.c,v 1.7 2016/04/21 06:08:02 djm Exp $ */
+/* $OpenBSD: ssh-ed25519.c,v 1.8 2020/02/26 13:40:09 jsg Exp $ */
 /*
  * Copyright (c) 2013 Markus Friedl <markus@openbsd.org>
  *
@@ -83,10 +83,8 @@ ssh_ed25519_sign(const struct sshkey *key, u_char **sigp, size_t *lenp,
 	r = 0;
  out:
 	sshbuf_free(b);
-	if (sig != NULL) {
-		explicit_bzero(sig, slen);
-		free(sig);
-	}
+	if (sig != NULL) 
+		freezero(sig, slen);
 
 	return r;
 }
@@ -153,14 +151,10 @@ ssh_ed25519_verify(const struct sshkey *key,
 	/* success */
 	r = 0;
  out:
-	if (sm != NULL) {
-		explicit_bzero(sm, smlen);
-		free(sm);
-	}
-	if (m != NULL) {
-		explicit_bzero(m, smlen); /* NB mlen may be invalid if r != 0 */
-		free(m);
-	}
+	if (sm != NULL) 
+		freezero(sm, smlen);
+	if (m != NULL) 
+		freezero(m, smlen); /* NB mlen may be invalid if r != 0 */
 	sshbuf_free(b);
 	free(ktype);
 	return r;