diff options
| author | Christian Göttsche <cgzones@googlemail.com> | 2023-08-07 12:57:38 +0200 |
|---|---|---|
| committer | Dmitry V. Levin <ldv@strace.io> | 2023-08-07 13:10:27 +0000 |
| commit | 05b7aa13d9cc57ac6d303937e630e92d94825ee5 (patch) | |
| tree | 2737a59afc19f8285abc0a0ed87b384f1a58cf0d /modules/pam_timestamp | |
| parent | 72d49e31715346246723ae9d95d2891f77cb1c9e (diff) | |
| download | pam-05b7aa13d9cc57ac6d303937e630e92d94825ee5.tar.gz pam-05b7aa13d9cc57ac6d303937e630e92d94825ee5.tar.bz2 pam-05b7aa13d9cc57ac6d303937e630e92d94825ee5.zip | |
pam_timestamp: use secure memory erasure
Closes: #575
Diffstat (limited to 'modules/pam_timestamp')
| -rw-r--r-- | modules/pam_timestamp/sha1.c | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/modules/pam_timestamp/sha1.c b/modules/pam_timestamp/sha1.c index 2adb5a3b..dff454cf 100644 --- a/modules/pam_timestamp/sha1.c +++ b/modules/pam_timestamp/sha1.c @@ -47,6 +47,7 @@ #include <endian.h> #include <unistd.h> #include "sha1.h" +#include "pam_inline.h" static const unsigned char padding[SHA1_BLOCK_SIZE] = { @@ -142,8 +143,8 @@ sha1_process(struct sha1_context *ctx, uint32_t buffer[SHA1_BLOCK_SIZE / 4]) ctx->d += d; ctx->e += e; - memset(buffer, 0, sizeof(buffer[0]) * SHA1_BLOCK_SIZE / 4); - memset(data, 0, sizeof(data)); + pam_overwrite_n(buffer, sizeof(buffer[0]) * SHA1_BLOCK_SIZE / 4); + pam_overwrite_array(data); } void |