Relevant BUGIDs: 419803

Purpose of commit: bugfix

Commit summary:
---------------
Fix pam_unix to not zero out password strings that it doesn't own!

2 files changed, 2 insertions, 6 deletions

diff --git a/CHANGELOG b/CHANGELOG
index fff2da83..fab19863 100644
--- a/CHANGELOG
+++ b/CHANGELOG
@@ -49,6 +49,8 @@ bug report - outstanding bugs are listed here:
 0.76: please submit patches for this section with actual code/doc
       patches!
 
+* don't zero out password strings during pam_unix's password changing
+  function (Bug 419803 - vorlon)
 * propagate some definitions to the _pam_aconf.h file - from David Lee
   (Bug 415419 - agmorgan)
 * solaris GCC OS_CFLAGS change from David Lee (Bug 415412 - agmorgan)
diff --git a/modules/pam_unix/pam_unix_passwd.c b/modules/pam_unix/pam_unix_passwd.c
index 3fe8a27a..c85305e4 100644
--- a/modules/pam_unix/pam_unix_passwd.c
+++ b/modules/pam_unix/pam_unix_passwd.c
@@ -891,8 +891,6 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t * pamh, int flags,
 		if (retval != PAM_SUCCESS) {
 			_log_err(LOG_NOTICE, pamh,
 			         "new password not acceptable");
-			_pam_overwrite(pass_new);
-			_pam_overwrite(pass_old);
 			pass_new = pass_old = NULL;	/* tidy up */
 #ifdef USE_LCKPWDF
 			ulckpwdf();
@@ -935,8 +933,6 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t * pamh, int flags,
 				if (temp == NULL) {
 					_log_err(LOG_CRIT, pamh,
 					         "out of memory for password");
-					_pam_overwrite(pass_new);
-					_pam_overwrite(pass_old);
 					pass_new = pass_old = NULL;	/* tidy up */
 #ifdef USE_LCKPWDF
 					ulckpwdf();
@@ -970,8 +966,6 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t * pamh, int flags,
 
 		retval = _do_setpass(pamh, user, pass_old, tpass, ctrl,
 		                     remember);
-		_pam_overwrite(pass_new);
-		_pam_overwrite(pass_old);
 		_pam_delete(tpass);
 		pass_old = pass_new = NULL;
 	} else {		/* something has broken with the module */