modules: zero out crypt_r(3) data before usage

The manual page of crypt_r(3) recommends to zero the entire data object.
author: Christian Göttsche <cgzones@googlemail.com> 2024-01-16 15:12:58 +0100
committer: Dmitry V. Levin <ldv@strace.io> 2024-01-21 08:00:00 +0000
commit: 0e80c788850c4a699e4bfb3ab7b44e354b8fdfd7 (patch)
tree: 854b6c8e6b0c3c5e99d604efb5b1e381b5fd915a /modules/pam_unix/passverify.c
parent: 63476f211a8c02bcd24786a1373012d1831774ec (diff)
download: pam-0e80c788850c4a699e4bfb3ab7b44e354b8fdfd7.tar.gz
pam-0e80c788850c4a699e4bfb3ab7b44e354b8fdfd7.tar.bz2
pam-0e80c788850c4a699e4bfb3ab7b44e354b8fdfd7.zip
1 files changed, 2 insertions, 4 deletions
diff --git a/modules/pam_unix/passverify.c b/modules/pam_unix/passverify.c
index 1bc98fa2..30045333 100644
--- a/modules/pam_unix/passverify.c
+++ b/modules/pam_unix/passverify.c
@@ -144,9 +144,8 @@ PAMH_ARG_DECL(int verify_pwd_hash,
 #endif
 #ifdef HAVE_CRYPT_R
 			struct crypt_data *cdata;
-			cdata = malloc(sizeof(*cdata));
+			cdata = calloc(1, sizeof(*cdata));
 			if (cdata != NULL) {
-				cdata->initialized = 0;
 				pp = x_strdup(crypt_r(p, hash, cdata));
 				pam_overwrite_object(cdata);
 				free(cdata);
@@ -503,9 +502,8 @@ PAMH_ARG_DECL(char * create_password_hash,
 #endif /* CRYPT_GENSALT_IMPLEMENTS_AUTO_ENTROPY */
 #ifdef HAVE_CRYPT_R
 	sp = NULL;
-	cdata = malloc(sizeof(*cdata));
+	cdata = calloc(1, sizeof(*cdata));
 	if (cdata != NULL) {
-		cdata->initialized = 0;
 		sp = crypt_r(password, salt, cdata);
 	}
 #else
author	Christian Göttsche <cgzones@googlemail.com>	2024-01-16 15:12:58 +0100
committer	Dmitry V. Levin <ldv@strace.io>	2024-01-21 08:00:00 +0000
commit	0e80c788850c4a699e4bfb3ab7b44e354b8fdfd7 (patch)
tree	854b6c8e6b0c3c5e99d604efb5b1e381b5fd915a /modules/pam_unix/passverify.c
parent	63476f211a8c02bcd24786a1373012d1831774ec (diff)
download	pam-0e80c788850c4a699e4bfb3ab7b44e354b8fdfd7.tar.gz pam-0e80c788850c4a699e4bfb3ab7b44e354b8fdfd7.tar.bz2 pam-0e80c788850c4a699e4bfb3ab7b44e354b8fdfd7.zip