use freezero() instead of memset/explicit_bzero + free. Substantially

reduces conditional logic (-218, +82). MOD_EXP_CTIME_MIN_CACHE_LINE_WIDTH cache alignment calculation bn/bn_exp.c wasn'tt quite right. Two other tricky bits with ASN1_STRING_FLAG_NDEF and BN_FLG_STATIC_DATA where the condition cannot be collapsed completely. Passes regress. ok beck
author: deraadt <> 2017-05-02 03:59:45 +0000
committer: deraadt <> 2017-05-02 03:59:45 +0000
commit: 2b561cb0e87f2ee535e8c64907883cd275ad3fec (patch)
tree: bb9d050c5c2984047e6475e087694d6764f24157 /src/lib/libtls
parent: 024e2580a5280d4df3724dab76ce52e14fe2060c (diff)
download: openbsd-2b561cb0e87f2ee535e8c64907883cd275ad3fec.tar.gz
openbsd-2b561cb0e87f2ee535e8c64907883cd275ad3fec.tar.bz2
openbsd-2b561cb0e87f2ee535e8c64907883cd275ad3fec.zip
1 files changed, 2 insertions, 4 deletions
diff --git a/src/lib/libtls/tls_config.c b/src/lib/libtls/tls_config.c
index 65063117e2..3945da75ac 100644
--- a/src/lib/libtls/tls_config.c
+++ b/src/lib/libtls/tls_config.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: tls_config.c,v 1.38 2017/04/30 02:10:22 jsing Exp $ */
+/* $OpenBSD: tls_config.c,v 1.39 2017/05/02 03:59:45 deraadt Exp $ */
 /*
 * Copyright (c) 2014 Joel Sing <jsing@openbsd.org>
 *
@@ -188,9 +188,7 @@ tls_config_load_file(struct tls_error *error, const char *filetype,
 fail:
        if (fd != -1)
                close(fd);
-        if (*buf != NULL)
+        freezero(*buf, *len);
-                explicit_bzero(*buf, *len);
-        free(*buf);
        *buf = NULL;
        *len = 0;
author	deraadt <>	2017-05-02 03:59:45 +0000
committer	deraadt <>	2017-05-02 03:59:45 +0000
commit	2b561cb0e87f2ee535e8c64907883cd275ad3fec (patch)
tree	bb9d050c5c2984047e6475e087694d6764f24157 /src/lib/libtls
parent	024e2580a5280d4df3724dab76ce52e14fe2060c (diff)
download	openbsd-2b561cb0e87f2ee535e8c64907883cd275ad3fec.tar.gz openbsd-2b561cb0e87f2ee535e8c64907883cd275ad3fec.tar.bz2 openbsd-2b561cb0e87f2ee535e8c64907883cd275ad3fec.zip