summaryrefslogtreecommitdiff
path: root/modules/pam_unix/unix_update.c
diff options
context:
space:
mode:
authorSam Hartman <hartmans@debian.org>2023-09-11 14:09:57 -0600
committerSam Hartman <hartmans@debian.org>2023-09-11 14:09:57 -0600
commite9aa2ef52a423a3a33299bf7e8715eb5bd76ea67 (patch)
tree8b1bd3f4fc01ef0261a13d75cf48be9002480aaf /modules/pam_unix/unix_update.c
parent99d0d1c5c4f07332daa86e73981267a761bc966e (diff)
parentbf07335a19d6192adaf4b1a817d2101ee0bad134 (diff)
New upstream version 1.5.3
Diffstat (limited to 'modules/pam_unix/unix_update.c')
-rw-r--r--modules/pam_unix/unix_update.c11
1 files changed, 7 insertions, 4 deletions
diff --git a/modules/pam_unix/unix_update.c b/modules/pam_unix/unix_update.c
index 3559972b..49a70ff3 100644
--- a/modules/pam_unix/unix_update.c
+++ b/modules/pam_unix/unix_update.c
@@ -55,15 +55,18 @@ set_password(const char *forwho, const char *shadow, const char *remember)
if (npass != 2) { /* is it a valid password? */
if (npass == 1) {
helper_log_err(LOG_DEBUG, "no new password supplied");
- memset(pass, '\0', PAM_MAX_RESP_SIZE);
+ pam_overwrite_array(pass);
} else {
helper_log_err(LOG_DEBUG, "no valid passwords supplied");
}
return PAM_AUTHTOK_ERR;
}
- if (lock_pwdf() != PAM_SUCCESS)
+ if (lock_pwdf() != PAM_SUCCESS) {
+ pam_overwrite_array(pass);
+ pam_overwrite_array(towhat);
return PAM_AUTHTOK_LOCK_BUSY;
+ }
pwd = getpwnam(forwho);
@@ -98,8 +101,8 @@ set_password(const char *forwho, const char *shadow, const char *remember)
}
done:
- memset(pass, '\0', PAM_MAX_RESP_SIZE);
- memset(towhat, '\0', PAM_MAX_RESP_SIZE);
+ pam_overwrite_array(pass);
+ pam_overwrite_array(towhat);
unlock_pwdf();