diff options
| author | Christian Göttsche <cgzones@googlemail.com> | 2023-01-30 17:55:27 +0100 |
|---|---|---|
| committer | Christian Göttsche <cgzones@googlemail.com> | 2023-02-28 15:13:15 +0100 |
| commit | e2d01a42c16e0d074764c3e8d2f6a2e6c0ceafc4 (patch) | |
| tree | 77a5a3305062243a0a9e76cd52be77a83bb0da76 /libpam/include | |
| parent | 19a29268178951988eca29a7830f24bfef300c3c (diff) | |
| download | pam-e2d01a42c16e0d074764c3e8d2f6a2e6c0ceafc4.tar.gz pam-e2d01a42c16e0d074764c3e8d2f6a2e6c0ceafc4.tar.bz2 pam-e2d01a42c16e0d074764c3e8d2f6a2e6c0ceafc4.zip | |
libpam: make use of secure memory erasure
Non trivial changes:
- erase responses in pam_get_authtok_internal() on error branch
Diffstat (limited to 'libpam/include')
| -rw-r--r-- | libpam/include/pam_inline.h | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/libpam/include/pam_inline.h b/libpam/include/pam_inline.h index 6fe37857..7721c0b7 100644 --- a/libpam/include/pam_inline.h +++ b/libpam/include/pam_inline.h @@ -161,7 +161,7 @@ pam_read_passwords(int fd, int npass, char **passwords) if (npass > 0) { memcpy(passwords[i], pptr, rbytes); } - memset(pptr, '\0', rbytes); + pam_overwrite_n(pptr, rbytes); } } offset += rbytes; @@ -169,7 +169,7 @@ pam_read_passwords(int fd, int npass, char **passwords) /* clear up */ if (offset > 0 && npass > 0) { - memset(passwords[i], '\0', offset); + pam_overwrite_n(passwords[i], offset); } return i; |