modules: zero out crypt_r(3) data before usage

The manual page of crypt_r(3) recommends to zero the entire data object.
author: Christian Göttsche <cgzones@googlemail.com> 2024-01-16 15:12:58 +0100
committer: Dmitry V. Levin <ldv@strace.io> 2024-01-21 08:00:00 +0000
commit: 0e80c788850c4a699e4bfb3ab7b44e354b8fdfd7 (patch)
tree: 854b6c8e6b0c3c5e99d604efb5b1e381b5fd915a /modules/pam_pwhistory/opasswd.c
parent: 63476f211a8c02bcd24786a1373012d1831774ec (diff)
download: pam-0e80c788850c4a699e4bfb3ab7b44e354b8fdfd7.tar.gz
pam-0e80c788850c4a699e4bfb3ab7b44e354b8fdfd7.tar.bz2
pam-0e80c788850c4a699e4bfb3ab7b44e354b8fdfd7.zip
1 files changed, 1 insertions, 3 deletions
diff --git a/modules/pam_pwhistory/opasswd.c b/modules/pam_pwhistory/opasswd.c
index b7711e03..a4bcbaae 100644
--- a/modules/pam_pwhistory/opasswd.c
+++ b/modules/pam_pwhistory/opasswd.c
@@ -127,9 +127,7 @@ compare_password(const char *newpass, const char *oldpass)
   char *outval;
   int retval;
 #ifdef HAVE_CRYPT_R
-  struct crypt_data output;
-
-  output.initialized = 0;
+  struct crypt_data output = { 0 };
 
   outval = crypt_r (newpass, oldpass, &output);
 #else
author	Christian Göttsche <cgzones@googlemail.com>	2024-01-16 15:12:58 +0100
committer	Dmitry V. Levin <ldv@strace.io>	2024-01-21 08:00:00 +0000
commit	0e80c788850c4a699e4bfb3ab7b44e354b8fdfd7 (patch)
tree	854b6c8e6b0c3c5e99d604efb5b1e381b5fd915a /modules/pam_pwhistory/opasswd.c
parent	63476f211a8c02bcd24786a1373012d1831774ec (diff)
download	pam-0e80c788850c4a699e4bfb3ab7b44e354b8fdfd7.tar.gz pam-0e80c788850c4a699e4bfb3ab7b44e354b8fdfd7.tar.bz2 pam-0e80c788850c4a699e4bfb3ab7b44e354b8fdfd7.zip