libpam: make use of secure memory erasure

Non trivial changes: - erase responses in pam_get_authtok_internal() on error branch
author: Christian Göttsche <cgzones@googlemail.com> 2023-01-30 17:55:27 +0100
committer: Christian Göttsche <cgzones@googlemail.com> 2023-02-28 15:13:15 +0100
commit: e2d01a42c16e0d074764c3e8d2f6a2e6c0ceafc4 (patch)
tree: 77a5a3305062243a0a9e76cd52be77a83bb0da76 /libpam/pam_handlers.c
parent: 19a29268178951988eca29a7830f24bfef300c3c (diff)
download: pam-e2d01a42c16e0d074764c3e8d2f6a2e6c0ceafc4.tar.gz
pam-e2d01a42c16e0d074764c3e8d2f6a2e6c0ceafc4.tar.bz2
pam-e2d01a42c16e0d074764c3e8d2f6a2e6c0ceafc4.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/libpam/pam_handlers.c b/libpam/pam_handlers.c
index 6629480e..1f1917b5 100644
--- a/libpam/pam_handlers.c
+++ b/libpam/pam_handlers.c
@@ -1033,7 +1033,7 @@ void _pam_free_handlers_aux(struct handler **hp)
 	_pam_drop(h->argv);  /* This is all allocated in a single chunk */
 	_pam_drop(h->mod_name);
 	h = h->next;
-	memset(last, 0, sizeof(*last));
+	pam_overwrite_object(last);
 	free(last);
     }
author	Christian Göttsche <cgzones@googlemail.com>	2023-01-30 17:55:27 +0100
committer	Christian Göttsche <cgzones@googlemail.com>	2023-02-28 15:13:15 +0100
commit	e2d01a42c16e0d074764c3e8d2f6a2e6c0ceafc4 (patch)
tree	77a5a3305062243a0a9e76cd52be77a83bb0da76 /libpam/pam_handlers.c
parent	19a29268178951988eca29a7830f24bfef300c3c (diff)
download	pam-e2d01a42c16e0d074764c3e8d2f6a2e6c0ceafc4.tar.gz pam-e2d01a42c16e0d074764c3e8d2f6a2e6c0ceafc4.tar.bz2 pam-e2d01a42c16e0d074764c3e8d2f6a2e6c0ceafc4.zip