From d7abfe7e8f06b2e96600d1f1fa6522d42b106f8e Mon Sep 17 00:00:00 2001
From: Andreas Schneider <asn@cryptomilk.org>
Date: Thu, 31 Oct 2019 09:41:09 +0100
Subject: [PATCH] pki_container_openssh: Use SSH_BUFFER_FREE()

Fixes T183

Signed-off-by: Andreas Schneider <asn@cryptomilk.org>
Reviewed-by: Jakub Jelen <jjelen@redhat.com>
---
 src/pki_container_openssh.c | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)

diff --git a/src/pki_container_openssh.c b/src/pki_container_openssh.c
index f7ec0f4c..5ad87b53 100644
--- a/src/pki_container_openssh.c
+++ b/src/pki_container_openssh.c
@@ -159,7 +159,7 @@ static int pki_private_key_decrypt(ssh_string blob,
     if (rc != SSH_ERROR){
         rc = ssh_buffer_unpack(buffer, "Sd", &salt, &rounds);
     }
-    ssh_buffer_free(buffer);
+    SSH_BUFFER_FREE(buffer);
     if (rc == SSH_ERROR){
         return SSH_ERROR;
     }
@@ -364,11 +364,11 @@ ssh_pki_openssh_import(const char *text_key,
     }
 out:
     if (buffer != NULL) {
-        ssh_buffer_free(buffer);
+        SSH_BUFFER_FREE(buffer);
         buffer = NULL;
     }
     if (privkey_buffer != NULL) {
-        ssh_buffer_free(privkey_buffer);
+        SSH_BUFFER_FREE(privkey_buffer);
         privkey_buffer = NULL;
     }
     SAFE_FREE(magic);
@@ -620,26 +620,26 @@ ssh_string ssh_pki_openssh_privkey_export(const ssh_key privkey,
 
         salt = ssh_string_new(16);
         if (salt == NULL){
-            ssh_buffer_free(kdf_buf);
+            SSH_BUFFER_FREE(kdf_buf);
             goto error;
         }
 
         ok = ssh_get_random(ssh_string_data(salt), 16, 0);
         if (!ok) {
-            ssh_buffer_free(kdf_buf);
+            SSH_BUFFER_FREE(kdf_buf);
             goto error;
         }
 
         ssh_buffer_pack(kdf_buf, "Sd", salt, rounds);
         kdf_options = ssh_string_new(ssh_buffer_get_len(kdf_buf));
         if (kdf_options == NULL){
-            ssh_buffer_free(kdf_buf);
+            SSH_BUFFER_FREE(kdf_buf);
             goto error;
         }
         memcpy(ssh_string_data(kdf_options),
                ssh_buffer_get(kdf_buf),
                ssh_buffer_get_len(kdf_buf));
-        ssh_buffer_free(kdf_buf);
+        SSH_BUFFER_FREE(kdf_buf);
         rc = pki_private_key_encrypt(privkey_buffer,
                                      passphrase,
                                      "aes128-cbc",
@@ -709,13 +709,13 @@ error:
     if (privkey_buffer != NULL) {
         void *bufptr = ssh_buffer_get(privkey_buffer);
         explicit_bzero(bufptr, ssh_buffer_get_len(privkey_buffer));
-        ssh_buffer_free(privkey_buffer);
+        SSH_BUFFER_FREE(privkey_buffer);
     }
     SAFE_FREE(pubkey_s);
     SAFE_FREE(kdf_options);
     SAFE_FREE(salt);
     if (buffer != NULL) {
-        ssh_buffer_free(buffer);
+        SSH_BUFFER_FREE(buffer);
     }
 
     return str;