summaryrefslogtreecommitdiff
path: root/modules/pam_unix/unix_update.c
diff options
context:
space:
mode:
Diffstat (limited to 'modules/pam_unix/unix_update.c')
-rw-r--r--modules/pam_unix/unix_update.c11
1 files changed, 7 insertions, 4 deletions
diff --git a/modules/pam_unix/unix_update.c b/modules/pam_unix/unix_update.c
index 3559972b..49a70ff3 100644
--- a/modules/pam_unix/unix_update.c
+++ b/modules/pam_unix/unix_update.c
@@ -55,15 +55,18 @@ set_password(const char *forwho, const char *shadow, const char *remember)
if (npass != 2) { /* is it a valid password? */
if (npass == 1) {
helper_log_err(LOG_DEBUG, "no new password supplied");
- memset(pass, '\0', PAM_MAX_RESP_SIZE);
+ pam_overwrite_array(pass);
} else {
helper_log_err(LOG_DEBUG, "no valid passwords supplied");
}
return PAM_AUTHTOK_ERR;
}
- if (lock_pwdf() != PAM_SUCCESS)
+ if (lock_pwdf() != PAM_SUCCESS) {
+ pam_overwrite_array(pass);
+ pam_overwrite_array(towhat);
return PAM_AUTHTOK_LOCK_BUSY;
+ }
pwd = getpwnam(forwho);
@@ -98,8 +101,8 @@ set_password(const char *forwho, const char *shadow, const char *remember)
}
done:
- memset(pass, '\0', PAM_MAX_RESP_SIZE);
- memset(towhat, '\0', PAM_MAX_RESP_SIZE);
+ pam_overwrite_array(pass);
+ pam_overwrite_array(towhat);
unlock_pwdf();
generated by cgit v1.2.3 (git 2.25.1) at 2024-05-17 00:46:22 +0000