From bcba17939e1b1a568cd4a764534cde74d37078cc Mon Sep 17 00:00:00 2001
From: Christian Göttsche <cgzones@googlemail.com>
Date: Mon, 30 Jan 2023 17:56:58 +0100
Subject: modules: make use of secure memory erasure

Use empty initialization of structs to minimize the memset() usage, to
reduce the amount of calls which are not sensitive.

Non trivial changes:

- pam_env:
  * erase environment variables where possible

- pam_exec:
  * erase responce on error
  * erase auth token

- pam_pwhistory:
  * erase buffers containing old passwords

- pam_selinux: skip overwriting data structure consisting of only
  pointers to insensitive data, which also gets free'd afterwards (so
  it currently does not protect against double-free or use-after-free on
  the member pointers)

- pam_unix: erase cipher data in more places

- pam_userdb: erase password hashes
---
 modules/pam_selinux/pam_selinux.c | 1 -
 1 file changed, 1 deletion(-)

(limited to 'modules/pam_selinux')

diff --git a/modules/pam_selinux/pam_selinux.c b/modules/pam_selinux/pam_selinux.c
index bf605c8b..e52e0fc4 100644
--- a/modules/pam_selinux/pam_selinux.c
+++ b/modules/pam_selinux/pam_selinux.c
@@ -393,7 +393,6 @@ free_module_data(module_data_t *data)
   freecon(data->prev_exec_context);
   if (data->exec_context != data->default_user_context)
     freecon(data->exec_context);
-  memset(data, 0, sizeof(*data));
   free(data);
 }
 
-- 
cgit v1.2.3