diff options
Diffstat (limited to 'libntp/authkeys.c')
-rw-r--r-- | libntp/authkeys.c | 12 |
1 files changed, 10 insertions, 2 deletions
diff --git a/libntp/authkeys.c b/libntp/authkeys.c index 68771ffb339f..667ca298b96f 100644 --- a/libntp/authkeys.c +++ b/libntp/authkeys.c @@ -534,6 +534,12 @@ MD5auth_setkey( bucket = &key_hash[KEYHASH(keyno)]; for (sk = *bucket; sk != NULL; sk = sk->hlink) { if (keyno == sk->keyid) { + /* TALOS-CAN-0054: make sure we have a new buffer! */ + if (NULL != sk->secret) { + memset(sk->secret, 0, sk->secretsize); + free(sk->secret); + } + sk->secret = emalloc(len); sk->type = (u_short)keytype; secretsize = len; sk->secretsize = (u_short)secretsize; @@ -593,12 +599,14 @@ auth_delkeys(void) } /* - * Don't lose info as to which keys are trusted. + * Don't lose info as to which keys are trusted. Make + * sure there are no dangling pointers! */ if (KEY_TRUSTED & sk->flags) { if (sk->secret != NULL) { - memset(sk->secret, '\0', sk->secretsize); + memset(sk->secret, 0, sk->secretsize); free(sk->secret); + sk->secret = NULL; /* TALOS-CAN-0054 */ } sk->secretsize = 0; sk->lifetime = 0; |