author | Theo de Raadt <deraadt@cvs.openbsd.org> | 2021-09-18 16:45:53 +0000 |
---|---|---|
committer | Theo de Raadt <deraadt@cvs.openbsd.org> | 2021-09-18 16:45:53 +0000 |
commit | 0b907959e8ea6f90a771c9e463659cfcf02cb271 (patch) | |
tree | e340c10a7908fa27a5e0e9078ac364be04cd235f /sbin/iked/parse.y | |
parent | 627165aaa827747a14da2062fa3f5361aeffc9f6 (diff) |
upon length check or other failure, explicit_bzero an object, because it may
contain a partially copied password
ok tobhe
Diffstat (limited to 'sbin/iked/parse.y')
-rw-r--r-- | sbin/iked/parse.y | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/sbin/iked/parse.y b/sbin/iked/parse.y index 533ea48d77e..fc47c89c3aa 100644 --- a/sbin/iked/parse.y +++ b/sbin/iked/parse.y @@ -1,4 +1,4 @@ -/* $OpenBSD: parse.y,v 1.131 2021/05/28 18:01:39 tobhe Exp $ */ +/* $OpenBSD: parse.y,v 1.132 2021/09/18 16:45:52 deraadt Exp $ */ /* * Copyright (c) 2019 Tobias Heider <tobias.heider@stusta.de> @@ -3071,6 +3071,7 @@ create_user(const char *user, const char *pass) if (*pass == '\0' || (strlcpy(usr.usr_pass, pass, sizeof(usr.usr_pass)) >= sizeof(usr.usr_pass))) { yyerror("invalid password"); + explicit_bzero(&usr, sizeof usr); /* zap partial password */ return (-1); } |
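Review bot: In the create_user hunk, the new `explicit_bzero(&usr, sizeof usr);` covers only the `invalid password` return, while the commit message speaks of "length check or other failure". This hunk does not show the rest of the function, so please confirm that every other error return reached after `strlcpy` has written into `usr.usr_pass` also clears `usr`. If there are several, routing them through one cleanup label that zeroes `usr` before `return (-1)` would keep that from regressing. Clearing the whole struct rather than just `usr_pass` is a reasonable choice here, since `strlcpy` leaves a truncated copy of the password in the buffer on the overflow path, and the call is harmless on the `*pass == '\0'` path where nothing was copied. Style nit on the same line: `sizeof usr` is unparenthesized while the condition directly above uses `sizeof(usr.usr_pass)`; pick one form for consistency within the function.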