From 0a9912e5f7810dffeecad0131b1f0c038457bfe5 Mon Sep 17 00:00:00 2001
From: Benny Baumann
Date: Mon, 11 Dec 2023 13:43:30 +0100
Subject: pam_timestamp: clean buffers before freeing

* modules/pam_timestamp/hmac_openssl_wrapper.c (generate_key): Clean the buffer on short read.
(write_file): Clean the buffer on short write.
---
 modules/pam_timestamp/hmac_openssl_wrapper.c | 2 ++
 1 file changed, 2 insertions(+)
(limited to 'modules/pam_timestamp')
diff --git a/modules/pam_timestamp/hmac_openssl_wrapper.c b/modules/pam_timestamp/hmac_openssl_wrapper.c
index a59a8de2..b2aeda21 100644
--- a/modules/pam_timestamp/hmac_openssl_wrapper.c
+++ b/modules/pam_timestamp/hmac_openssl_wrapper.c
@@ -105,6 +105,7 @@ generate_key(pam_handle_t *pamh, char **key, size_t key_size)
 if (bytes_read < 0 || (size_t)bytes_read < key_size) {
 pam_syslog(pamh, LOG_ERR, "Short read on random device");
+ pam_overwrite_n(tmp, key_size);
 free(tmp);
 return PAM_AUTH_ERR;
 }
@@ -192,6 +193,7 @@ write_file(pam_handle_t *pamh, const char *file_name, char *text,
 if (bytes_written < 0 || (size_t)bytes_written < text_length) {
 pam_syslog(pamh, LOG_ERR, "Short write on %s", file_name);
+ pam_overwrite_n(text, text_length);
 free(text);
 return PAM_AUTH_ERR;
 }
-- 
cgit v1.2.3
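Review bot: The wipe added to generate_key's short-read branch carries no comment explaining why it covers `key_size` rather than `bytes_read`, and that bound matters: the branch is entered when `bytes_read` is negative or smaller than the buffer, so the full-length wipe is the only safe one. I would put `/* wipe the whole buffer; bytes_read may be negative or short */` above `pam_overwrite_n(tmp, key_size);` so a later cleanup does not narrow it. The rest of generate_key lies outside the hunk, so its other exit paths cannot be judged from here.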
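Review bot: write_file releases the caller's `text` buffer, and this hunk scrubs it only in the short-write branch; any other branch that frees `text` would still return unscrubbed bytes (presumably key material, given the file) to the allocator. The function's other exits are outside the hunk, so this is unconfirmed. If such branches exist, each `free(text);` should be preceded by `pam_overwrite_n(text, text_length);`, or the exits should funnel through one cleanup label that does both. It is also worth confirming, outside this hunk, that a file left truncated by the short write is not later accepted as a valid key.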