X-Git-Url: https://asedeno.scripts.mit.edu/gitweb/?a=blobdiff_plain;f=sshpubk.c;fp=sshpubk.c;h=63b54b12e3ccec9bb103dd076ba8b6c0930a43cd;hb=65f69bca7363ceceeac515ae2a82b8f8adc6404d;hp=74cf1080373ae02d8277602f18ca79ecbdbc7f91;hpb=1f757928051b6d6ff231b2265bad2d263b0fe3ea;p=PuTTY.git

diff --git a/sshpubk.c b/sshpubk.c
index 74cf1080..63b54b12 100644
--- a/sshpubk.c
+++ b/sshpubk.c
@@ -796,6 +796,7 @@ struct ssh2_userkey *ssh2_load_userkey(const Filename *filename,
 	goto error;
     }
     sfree(public_blob);
+    smemclr(private_blob, private_blob_len);
     sfree(private_blob);
     sfree(encryption);
     if (errorstr)
@@ -816,8 +817,10 @@ struct ssh2_userkey *ssh2_load_userkey(const Filename *filename,
 	sfree(mac);
     if (public_blob)
 	sfree(public_blob);
-    if (private_blob)
-	sfree(private_blob);
+    if (private_blob) {
+        smemclr(private_blob, private_blob_len);
+        sfree(private_blob);
+    }
     if (errorstr)
 	*errorstr = error;
     return ret;
@@ -1106,8 +1109,14 @@ int ssh2_save_userkey(const Filename *filename, struct ssh2_userkey *key,
     }
 
     fp = f_open(filename, "w", TRUE);
-    if (!fp)
-	return 0;
+    if (!fp) {
+        sfree(pub_blob);
+        smemclr(priv_blob, priv_blob_len);
+        sfree(priv_blob);
+        smemclr(priv_blob_encrypted, priv_blob_len);
+        sfree(priv_blob_encrypted);
+        return 0;
+    }
     fprintf(fp, "PuTTY-User-Key-File-2: %s\n", key->alg->name);
     fprintf(fp, "Encryption: %s\n", cipherstr);
     fprintf(fp, "Comment: %s\n", key->comment);
@@ -1124,6 +1133,7 @@ int ssh2_save_userkey(const Filename *filename, struct ssh2_userkey *key,
     sfree(pub_blob);
     smemclr(priv_blob, priv_blob_len);
     sfree(priv_blob);
+    smemclr(priv_blob_encrypted, priv_blob_len);
     sfree(priv_blob_encrypted);
     return 1;
 }