Implement memset_s() and use it instead of zero_bytes().

A new constant, SUDO_CONV_REPL_MAX, is defined by the plugin
API as the max conversation reply length.  This constant can be
used as a max value for memset_s() when clearing passwords
filled in by the conversation function.

plugins/sudoers/auth/aix_auth.c

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999-2005, 2007-2012 Todd C. Miller <Todd.Miller@courtesan.com>
+ * Copyright (c) 1999-2005, 2007-2013 Todd C. Miller <Todd.Miller@courtesan.com>
  *
  * Permission to use, copy, modify, and distribute this software for any
  * purpose with or without fee is hereby granted, provided that the above
@@ -65,7 +65,7 @@ sudo_aix_verify(struct passwd *pw, char *prompt, sudo_auth *auth)
 	efree(message);
 	message = NULL;
 	result = authenticate(pw->pw_name, pass, &reenter, &message);
-	zero_bytes(pass, strlen(pass));
+	memset_s(pass, SUDO_CONV_REPL_MAX, 0, strlen(pass));
 	prompt = message;
     } while (reenter);
 

plugins/sudoers/auth/bsdauth.c

@@ -156,7 +156,7 @@ bsdauth_verify(struct passwd *pw, char *prompt, sudo_auth *auth)
 
     if (pass) {
 	authok = auth_userresponse(as, pass, 1);
-	zero_bytes(pass, strlen(pass));
+	memset_s(pass, SUDO_CONV_REPL_MAX, 0, strlen(pass));
     }
 
     /* restore old signal handler */

plugins/sudoers/auth/fwtk.c

@@ -1,5 +1,5 @@
 /*
- * Copyright (c) 1999-2005, 2008, 2010-2012
+ * Copyright (c) 1999-2005, 2008, 2010-2013
  *	Todd C. Miller <Todd.Miller@courtesan.com>
  *
  * Permission to use, copy, modify, and distribute this software for any
@@ -82,7 +82,7 @@ int
 sudo_fwtk_verify(struct passwd *pw, char *prompt, sudo_auth *auth)
 {
     char *pass;				/* Password from the user */
-    char buf[SUDO_PASS_MAX + 12];	/* General prupose buffer */
+    char buf[SUDO_CONV_REPL_MAX + 12];	/* General prupose buffer */
     char resp[128];			/* Response from the server */
     int error;
     debug_decl(sudo_fwtk_verify, SUDO_DEBUG_AUTH)
@@ -139,8 +139,8 @@ restart:
 	warningx("%s", resp);
     error = AUTH_FAILURE;
 done:
-    zero_bytes(pass, strlen(pass));
-    zero_bytes(buf, strlen(buf));
+    memset_s(pass, SUDO_PASS_MAX, 0, strlen(pass));
+    memset_s(buf, sizeof(buf), 0, sizeof(buf));
     debug_return_int(error);
 }
 

plugins/sudoers/auth/pam.c

@@ -312,7 +312,7 @@ converse(int num_msg, PAM_CONST struct pam_message **msg,
 
     if ((*response = malloc(num_msg * sizeof(struct pam_response))) == NULL)
 	debug_return_int(PAM_SYSTEM_ERR);
-    zero_bytes(*response, num_msg * sizeof(struct pam_response));
+    memset(*response, 0, num_msg * sizeof(struct pam_response));
 
     for (pr = *response, pm = *msg, n = num_msg; n--; pr++, pm++) {
 	type = SUDO_CONV_PROMPT_ECHO_OFF;
@@ -356,7 +356,7 @@ converse(int num_msg, PAM_CONST struct pam_message **msg,
 #endif
 		}
 		pr->resp = estrdup(pass);
-		zero_bytes(pass, strlen(pass));
+		memset_s(pass, SUDO_CONV_REPL_MAX, 0, strlen(pass));
 		break;
 	    case PAM_TEXT_INFO:
 		if (pm->msg)
@@ -380,12 +380,11 @@ done:
 	/* Zero and free allocated memory and return an error. */
 	for (pr = *response, n = num_msg; n--; pr++) {
 	    if (pr->resp != NULL) {
-		zero_bytes(pr->resp, strlen(pr->resp));
+		memset_s(pr->resp, SUDO_CONV_REPL_MAX, 0, strlen(pr->resp));
 		free(pr->resp);
 		pr->resp = NULL;
 	    }
 	}
-	zero_bytes(*response, num_msg * sizeof(struct pam_response));
 	free(*response);
 	*response = NULL;
     }

plugins/sudoers/auth/passwd.c

@@ -114,7 +114,7 @@ sudo_passwd_cleanup(pw, auth)
     debug_decl(sudo_passwd_cleanup, SUDO_DEBUG_AUTH)
 
     if (pw_epasswd != NULL) {
-	zero_bytes(pw_epasswd, strlen(pw_epasswd));
+	memset_s(pw_epasswd, SUDO_CONV_REPL_MAX, 0, strlen(pw_epasswd));
 	efree(pw_epasswd);
     }
     debug_return_int(AUTH_SUCCESS);

plugins/sudoers/auth/secureware.c

@@ -106,7 +106,7 @@ sudo_secureware_cleanup(pw, auth)
     debug_decl(sudo_secureware_cleanup, SUDO_DEBUG_AUTH)
 
     if (pw_epasswd != NULL) {
-	zero_bytes(pw_epasswd, strlen(pw_epasswd));
+	memset_s(pw_epasswd, SUDO_CONV_REPL_MAX, 0, strlen(pw_epasswd));
 	efree(pw_epasswd);
     }
     debug_return_int(AUTH_SUCCESS);

plugins/sudoers/auth/sudo_auth.c

@@ -254,7 +254,7 @@ verify_user(struct passwd *pw, char *prompt, int validated)
 		goto done;
 	}
 	if (!standalone)
-	    zero_bytes(p, strlen(p));
+	    memset_s(p, SUDO_CONV_REPL_MAX, 0, strlen(p));
 	pass_warn();
     }