isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions 1 Packages Projects Releases Wiki Activity

Fix memory leak of pass in converse().

Browse Source
This commit is contained in:
modric
2022-11-17 16:08:59 +08:00
parent 0044893961
commit f5cae905ca
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
plugins/sudoers/auth/pam.c
View File

@@ -723,7 +723,8 @@ converse(int num_msg, PAM_CONST struct pam_message **msg,
if (strlen(pass) >= PAM_MAX_RESP_SIZE) { if (strlen(pass) >= PAM_MAX_RESP_SIZE) {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO, sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
"password longer than %d", PAM_MAX_RESP_SIZE); "password longer than %d", PAM_MAX_RESP_SIZE);
explicit_bzero(pass, strlen(pass)); freezero(pass, strlen(pass));
pass = NULL;
goto bad; goto bad;
} }
reply[n].resp = pass; /* auth_getpass() malloc's a copy */ reply[n].resp = pass; /* auth_getpass() malloc's a copy */