diff options
Diffstat (limited to 'modules/pam_unix/unix_update.c')
-rw-r--r-- | modules/pam_unix/unix_update.c | 11 |
1 files changed, 7 insertions, 4 deletions
diff --git a/modules/pam_unix/unix_update.c b/modules/pam_unix/unix_update.c index 3559972b..49a70ff3 100644 --- a/modules/pam_unix/unix_update.c +++ b/modules/pam_unix/unix_update.c @@ -55,15 +55,18 @@ set_password(const char *forwho, const char *shadow, const char *remember) if (npass != 2) { /* is it a valid password? */ if (npass == 1) { helper_log_err(LOG_DEBUG, "no new password supplied"); - memset(pass, '\0', PAM_MAX_RESP_SIZE); + pam_overwrite_array(pass); } else { helper_log_err(LOG_DEBUG, "no valid passwords supplied"); } return PAM_AUTHTOK_ERR; } - if (lock_pwdf() != PAM_SUCCESS) + if (lock_pwdf() != PAM_SUCCESS) { + pam_overwrite_array(pass); + pam_overwrite_array(towhat); return PAM_AUTHTOK_LOCK_BUSY; + } pwd = getpwnam(forwho); @@ -98,8 +101,8 @@ set_password(const char *forwho, const char *shadow, const char *remember) } done: - memset(pass, '\0', PAM_MAX_RESP_SIZE); - memset(towhat, '\0', PAM_MAX_RESP_SIZE); + pam_overwrite_array(pass); + pam_overwrite_array(towhat); unlock_pwdf(); |