author | Tobias Stoeckmann <tobias@cvs.openbsd.org> | 2009-12-20 15:55:43 +0000 |
---|---|---|
committer | Tobias Stoeckmann <tobias@cvs.openbsd.org> | 2009-12-20 15:55:43 +0000 |
commit | 8c28f845a87c788242c1b91b3040a096fd799fd7 (patch) | |
tree | ff8aa2ba16a34ab4f23707d034899a5cb5e59d4d | |
parent | 9dc9638b845e8498977b44dc201629cfca3d05c1 (diff) |
Properly fill password string with zeros after use on unprivileged side of
fork() setup.
ok deraadt, millert
-rw-r--r-- | usr.sbin/popa3d/pop_auth.c | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/usr.sbin/popa3d/pop_auth.c b/usr.sbin/popa3d/pop_auth.c
index 19bd6d637fb..31d66f764b4 100644
--- a/usr.sbin/popa3d/pop_auth.c
+++ b/usr.sbin/popa3d/pop_auth.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: pop_auth.c,v 1.3 2003/05/12 19:28:22 camield Exp $ */
+/* $OpenBSD: pop_auth.c,v 1.4 2009/12/20 15:55:42 tobias Exp $ */
 /*
 * AUTHORIZATION state handling.
@@ -37,8 +37,14 @@ static int pop_auth_user(char *params)
 static int pop_auth_pass(char *params)
 {
- if (!params || !pop_user) return POP_ERROR;
- if (!(pop_pass = strdup(params))) return POP_CRASH_SERVER;
+ if (!params) return POP_ERROR;
+ if (!pop_user) {
+ memset(params, 0, strlen(params));
+ return POP_ERROR;
+ }
+ pop_pass = strdup(params);
+ memset(params, 0, strlen(params));
+ if (pop_pass == NULL) return POP_CRASH_SERVER;
 return POP_STATE;
 }
@@ -61,6 +67,7 @@ int do_pop_auth(int channel)
 write_loop(channel, (char *)&pop_buffer, sizeof(pop_buffer));
 write_loop(channel, pop_user, strlen(pop_user) + 1);
 write_loop(channel, pop_pass, strlen(pop_pass) + 1);
+ memset(pop_pass, 0, strlen(pop_pass));
 if (close(channel)) return 1;
 }
|
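Review bot: The scrubbing calls added in pop_auth_pass (`memset(params, 0, strlen(params))`, twice) and the one added in the do_pop_auth hunk (`memset(pop_pass, 0, strlen(pop_pass))`) use plain memset, which a compiler may remove when it can prove the cleared bytes are never read again. Whether that can happen here depends on how the callers and buffers look after inlining, which the hunks do not show, so treat this as a hardening gap rather than a confirmed leak. Where the tree provides it, `explicit_bzero(params, strlen(params));` (and the same for pop_pass) states the intent and is not subject to dead-store elimination. A short comment above the second call, such as `/* scrub the caller's copy of the password; pop_pass now holds the only one */`, would also explain why params is written through.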
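Review bot: The heap copy in pop_pass is cleared only at this one point, after the third write_loop() call, so any path through do_pop_auth that leaves before these lines would keep the password in memory. The function starts and ends outside the hunk, so I cannot confirm whether such a path exists; the other exits on the unprivileged side are worth checking and scrubbing in the same way. The added line also leaves pop_pass pointing at an empty string rather than freeing it, which is fine if nothing reads it afterwards but deserves a comment, for example `/* password has been handed over; clear our copy before closing the channel */`.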