isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Implement memset_s() and use it instead of zero_bytes().

Browse Source 
A new constant, SUDO_CONV_REPL_MAX, is defined by the plugin
API as the max conversation reply length.  This constant can be
used as a max value for memset_s() when clearing passwords
filled in by the conversation function.
This commit is contained in:
Todd C. Miller
2013-08-03 08:30:06 -06:00
parent 8c867be419
commit 1f3ea50afd
34 changed files with 371 additions and 233 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
src/sudo_edit.c
View File

@@ -148,14 +148,14 @@ sudo_edit(struct command_details *command_details)
* and copy the contents of the original to it.
*/
tf = emalloc2(nfiles, sizeof(*tf));
zero_bytes(tf, nfiles * sizeof(*tf));
memset(tf, 0, nfiles * sizeof(*tf));
for (i = 0, j = 0; i < nfiles; i++) {
rc = -1;
switch_user(command_details->euid, command_details->egid,
command_details->ngroups, command_details->groups);
if ((ofd = open(files[i], O_RDONLY, 0644)) != -1 || errno == ENOENT) {
if (ofd == -1) {
zero_bytes(&sb, sizeof(sb)); /* new file */
memset(&sb, 0, sizeof(sb)); /* new file */
rc = 0;
} else {
rc = fstat(ofd, &sb);