modules: make use of secure memory erasure

Use empty initialization of structs to minimize the memset() usage, to
reduce the amount of calls which are not sensitive.

Non trivial changes:

- pam_env:
  * erase environment variables where possible

- pam_exec:
  * erase responce on error
  * erase auth token

- pam_pwhistory:
  * erase buffers containing old passwords

- pam_selinux: skip overwriting data structure consisting of only
  pointers to insensitive data, which also gets free'd afterwards (so
  it currently does not protect against double-free or use-after-free on
  the member pointers)

- pam_unix: erase cipher data in more places

- pam_userdb: erase password hashes

1 files changed, 2 insertions, 2 deletions

diff --git a/modules/pam_unix/md5_crypt.c b/modules/pam_unix/md5_crypt.c
index 94f7b434..ed5ecda4 100644
--- a/modules/pam_unix/md5_crypt.c
+++ b/modules/pam_unix/md5_crypt.c
@@ -87,7 +87,7 @@ char *MD5Name(crypt_md5)(const char *pw, const char *salt)
 		MD5Name(MD5Update)(&ctx,(unsigned const char *)final,pl>16 ? 16 : pl);
 
 	/* Don't leave anything around in vm they could use. */
-	memset(final, 0, sizeof final);
+	pam_overwrite_array(final);
 
 	/* Then something really weird... */
 	for (j = 0, i = strlen(pw); i; i >>= 1)
@@ -151,7 +151,7 @@ char *MD5Name(crypt_md5)(const char *pw, const char *salt)
 	*p = '\0';
 
 	/* Don't leave anything around in vm they could use. */
-	memset(final, 0, sizeof final);
+	pam_overwrite_array(final);
 
 	return passwd;
 }