upstream: fix NULL deference (bzero) on err

=?UTF-8?q?or=20path=20added=20in=20last=20commit;=20spotted=20by=20Reynir?=
=?UTF-8?q?=20Bj=C3=B6rnsson?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

ok deraadt@ markus@ tb@

OpenBSD-Commit-ID: b11b084bcc551b2c630560eb08618dd501027bbd

diff --git a/sshkey.c b/sshkey.c
index a545b42cac8170ccbf41ffdf08beb0afb9c9eeba..5d28c45770e5380fac2f27c931dc51e588f922bb 100644 (file)
--- a/sshkey.c
+++ b/sshkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshkey.c,v 1.77 2019/06/23 12:21:46 djm Exp $ */
+/* $OpenBSD: sshkey.c,v 1.78 2019/06/27 06:29:35 djm Exp $ */
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
  * Copyright (c) 2008 Alexander von Gernler.  All rights reserved.
@@ -1985,9 +1985,9 @@ sshkey_shield_private(struct sshkey *k)
  out:
        /* XXX behaviour on error - invalidate original private key? */
        cipher_free(cctx);
-       explicit_bzero(enc, enclen);
        explicit_bzero(keyiv, sizeof(keyiv));
        explicit_bzero(&tmp, sizeof(tmp));
+       freezero(enc, enclen);
        freezero(prekey, SSHKEY_SHIELD_PREKEY_LEN);
        sshkey_free(kswap);
        sshbuf_free(prvbuf);