upstream commit

Comments are only supported for RSA1 keys. If a user
 tried to add one and entered his passphrase, explicitly clear it before exit.
 This is done in all other error paths, too.

ok djm

diff --git a/ssh-keygen.c b/ssh-keygen.c
index 96dd8b439b0cc269b2238cbb07a37968ee089703..0518638e0e6d385d546c9a81db911d19d72bcf1c 100644 (file)
--- a/ssh-keygen.c
+++ b/ssh-keygen.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keygen.c,v 1.267 2015/03/23 06:06:38 djm Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.268 2015/03/31 11:06:49 tobias Exp $ */
 /*
  * Author: Tatu Ylonen <ylo@cs.hut.fi>
  * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -1405,6 +1405,7 @@ do_change_comment(struct passwd *pw)
        }
        if (private->type != KEY_RSA1) {
                fprintf(stderr, "Comments are only supported for RSA1 keys.\n");
+               explicit_bzero(passphrase, strlen(passphrase));
                sshkey_free(private);
                exit(1);
        }