isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Use OpenBSD-compatible freezero() in place of explicit_bzero() + free()

Browse Source
This commit is contained in:
Todd C. Miller
2020-08-10 19:24:33 -06:00
parent cef6e3687e
commit ce97ca28db
19 changed files with 105 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
plugins/sudoers/auth/sia.c
View File

@@ -90,8 +90,7 @@ sudo_sia_verify(struct passwd *pw, char *prompt, sudo_auth *auth,
/* Check password and zero out plaintext copy. */
rc = sia_ses_authent(NULL, pass, siah);
explicit_bzero(pass, strlen(pass));
free(pass);
freezero(pass, strlen(pass));
if (rc == SIASUCCESS)
debug_return_int(AUTH_SUCCESS);