Browse Source

Delete secret or secret-derived data with explicit_bzero.

concept ok deraadt@
diff looks ok tedu@
OPENBSD_5_7
doug 10 years ago
parent
commit
cd356709c6
1 changed files with 2 additions and 2 deletions
  1. +2
    -2
      src/lib/libutil/check_expire.c

+ 2
- 2
src/lib/libutil/check_expire.c View File

@ -1,4 +1,4 @@
/* $OpenBSD: check_expire.c,v 1.9 2013/04/29 00:19:19 okan Exp $ */
/* $OpenBSD: check_expire.c,v 1.10 2014/08/25 07:50:25 doug Exp $ */
/* /*
* Copyright (c) 1997 Berkeley Software Design, Inc. All rights reserved. * Copyright (c) 1997 Berkeley Software Design, Inc. All rights reserved.
@ -129,7 +129,7 @@ login_check_expire(FILE *back, struct passwd *pwd, char *class, int lastchance)
npwd = pw_dup(pwd); npwd = pw_dup(pwd);
npwd->pw_change = 1; npwd->pw_change = 1;
p = pwd_update(npwd, pwd); p = pwd_update(npwd, pwd);
memset(npwd->pw_passwd, 0,
explicit_bzero(npwd->pw_passwd,
strlen(npwd->pw_passwd)); strlen(npwd->pw_passwd));
free(npwd); free(npwd);
if (p != NULL) { if (p != NULL) {


Loading…
Cancel
Save