From de910eeee54c1f38e9f8e83d8cd9c048f65051eb Mon Sep 17 00:00:00 2001 From: Benny Baumann Date: Tue, 12 Dec 2023 13:10:59 +0100 Subject: pam_timestamp: ensure we get zero-initialized memory This ensures that the whole buffer is in a somewhat defined state all the time even when some function calls write into the buffer only partially. This is not strictly necessary, as short writes into the buffer are checked, but it's good practice anyway. * modules/pam_timestamp/hmac_openssl_wrapper.c (generate_key): Replace malloc with calloc. --- modules/pam_timestamp/hmac_openssl_wrapper.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'modules/pam_timestamp') diff --git a/modules/pam_timestamp/hmac_openssl_wrapper.c b/modules/pam_timestamp/hmac_openssl_wrapper.c index 2f015c6a..9926bbac 100644 --- a/modules/pam_timestamp/hmac_openssl_wrapper.c +++ b/modules/pam_timestamp/hmac_openssl_wrapper.c @@ -87,7 +87,7 @@ generate_key(pam_handle_t *pamh, char **key, size_t key_size) ssize_t bytes_read = 0; char *tmp = *key = NULL; - tmp = malloc(key_size); + tmp = calloc(1, key_size); if (!tmp) { pam_syslog(pamh, LOG_CRIT, "Not enough memory"); return PAM_AUTH_ERR; @@ -141,7 +141,7 @@ read_file(pam_handle_t *pamh, int fd, char **text, size_t *text_length) return PAM_AUTH_ERR; } - tmp = malloc(st.st_size); + tmp = calloc(1, st.st_size); if (!tmp) { pam_syslog(pamh, LOG_CRIT, "Not enough memory"); close(fd); -- cgit v1.2.3