2100 – Missing dereference when bzeroing unused identities

Bug 2100 - Missing dereference when bzeroing unused identities

Summary: Missing dereference when bzeroing unused identities

Status:	CLOSED FIXED

Alias:	None

Product:	Portable OpenSSH
Classification:	Unclassified
Component:	ssh (show other bugs)
Version:	6.2p1
Hardware:	Other Linux

Importance:	P5 enhancement
Assignee:	Assigned to nobody

URL:
Keywords:

Depends on:
Blocks:	V_6_3
	Show dependency tree / graph

Reported:	2013-05-09 18:45 AEST by Colin Watson
Modified:	2016-08-02 10:41 AEST (History)
CC List:	1 user (show)

See Also:

Attachments
Fix size passed to bzero (564 bytes, patch) 2013-05-09 18:45 AEST, Colin Watson	no flags	Details \| Diff
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Colin Watson 2013-05-09 18:45:19 AEST

Created attachment 2256 [details]
Fix size passed to bzero

GCC 4.8 warns (for Debian package, so line numbers may be off from mainline, sorry):

../sshconnect2.c: In function 'pubkey_prepare':
../sshconnect2.c:1527:20: warning: argument to 'sizeof' in 'bzero' call is the same expression as the destination; did you mean to dereference it? [-Wsizeof-pointer-memaccess]
    bzero(id, sizeof(id));

It's correct; this code only zeroes the first sizeof(pointer) bytes of the Identity structure, rather than the whole thing.  Patch attached.

Comment 1 Damien Miller 2013-05-10 13:40:21 AEST

applied - will be in 6.3. Thanks

Comment 2 Damien Miller 2016-08-02 10:41:02 AEST

Close all resolved bugs after 7.3p1 release