summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTodd C. Miller <millert@cvs.openbsd.org>2000-11-23 00:38:26 +0000
committerTodd C. Miller <millert@cvs.openbsd.org>2000-11-23 00:38:26 +0000
commitb2d2d74f9fb56f6813cc51f4b14ccc42b12a89c7 (patch)
tree77f8b59a45b0242ee9dbed7661a1530095dad760
parentad23ce6a722fd697fad2c59bc62dc9ce7d06a462 (diff)
zero pw_passwd before freeing
-rw-r--r--lib/libc/gen/auth_subr.c7
1 files changed, 5 insertions, 2 deletions
diff --git a/lib/libc/gen/auth_subr.c b/lib/libc/gen/auth_subr.c
index 647c897ea1b..90586622cb4 100644
--- a/lib/libc/gen/auth_subr.c
+++ b/lib/libc/gen/auth_subr.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth_subr.c,v 1.3 2000/11/21 19:43:10 millert Exp $ */
+/* $OpenBSD: auth_subr.c,v 1.4 2000/11/23 00:38:25 millert Exp $ */
/*-
* Copyright (c) 1995,1996,1997 Berkeley Software Design, Inc.
@@ -185,6 +185,7 @@ auth_clean(auth_session_t *as)
auth_setitem(as, AUTHV_ALL, NULL);
if (as->pwd != NULL) {
+ memset(as->pwd->pw_passwd, 0, strlen(as->pwd->pw_passwd));
free(as->pwd);
as->pwd = NULL;
}
@@ -590,8 +591,10 @@ auth_setpwd(auth_session_t *as, struct passwd *pwd)
}
if ((pwd = pw_dup(pwd)) == NULL)
return (-1); /* true failure */
- if (as->pwd)
+ if (as->pwd) {
+ memset(as->pwd->pw_passwd, 0, strlen(as->pwd->pw_passwd));
free(as->pwd);
+ }
as->pwd = pwd;
return (0);
}