isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Use OpenBSD-compatible freezero() in place of explicit_bzero() + free()

Browse Source
This commit is contained in:
Todd C. Miller
2020-08-10 19:24:33 -06:00
parent cef6e3687e
commit ce97ca28db
19 changed files with 105 additions and 37 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
plugins/sudoers/auth/sudo_auth.c
View File

@@ -325,10 +325,8 @@ verify_user(struct passwd *pw, char *prompt, int validated,
if (success != AUTH_FAILURE)
break;
}
if (pass != NULL) {
explicit_bzero(pass, strlen(pass));
free(pass);
}
if (pass != NULL)
freezero(pass, strlen(pass));
if (success != AUTH_FAILURE)
goto done;