Add a zero_bytes() function to do the equivalent of bzero in such a

way that will heopfully not be optimized away by sneaky compilers.
2003-12-31 22:46:10 +00:00
parent de5e16b22f
commit 3944237480
5 changed files with 16 additions and 17 deletions
--- a/auth/sudo_auth.c
+++ b/auth/sudo_auth.c
@@ -117,7 +117,7 @@ verify_user(pw, prompt)
    int success = AUTH_FAILURE;
    int status;
    int flags;
-    volatile char *p;
+    char *p;
    sudo_auth *auth;
    sigaction_t sa, osa;

@@ -202,7 +202,7 @@ verify_user(pw, prompt)
 	}
 #ifndef AUTH_STANDALONE
 	if (p)
-	    (void) memset(p, 0, strlen(p));
+	    zero_bytes(p, strlen(p));
 #endif

 	/* Exit loop on nil password, but give it a chance to match first. */