36 lines
1.0 KiB
Diff
36 lines
1.0 KiB
Diff
|
From 6b4bbbeecd676c9423f82658bb3a8f6990218e8d Mon Sep 17 00:00:00 2001
|
||
|
|
From: Tobias Stoeckmann <tobias@stoeckmann.org>
|
||
|
|
Date: Sun, 19 Jan 2025 21:27:50 +0100
|
||
|
|
Subject: [PATCH] src/gpasswd: Clear password in more cases
|
||
|
|
|
||
|
|
If encryption of password fails, clear the memory before exiting.
|
||
|
|
|
||
|
|
Reviewed-by: Alejandro Colomar <alx@kernel.org>
|
||
|
|
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>
|
||
|
|
---
|
||
|
|
src/gpasswd.c | 2 +-
|
||
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||
|
|
|
||
|
|
diff --git a/src/gpasswd.c b/src/gpasswd.c
|
||
|
|
index 560b0ea7..e9e111a9 100644
|
||
|
|
--- a/src/gpasswd.c
|
||
|
|
+++ b/src/gpasswd.c
|
||
|
|
@@ -864,13 +864,13 @@ static void change_passwd (struct group *gr)
|
||
|
|
|
||
|
|
salt = crypt_make_salt (NULL, NULL);
|
||
|
|
cp = pw_encrypt (pass, salt);
|
||
|
|
+ memzero (pass, sizeof pass);
|
||
|
|
if (NULL == cp) {
|
||
|
|
fprintf (stderr,
|
||
|
|
_("%s: failed to crypt password with salt '%s': %s\n"),
|
||
|
|
Prog, salt, strerror (errno));
|
||
|
|
exit (1);
|
||
|
|
}
|
||
|
|
- memzero (pass, sizeof pass);
|
||
|
|
#ifdef SHADOWGRP
|
||
|
|
if (is_shadowgrp) {
|
||
|
|
gr->gr_passwd = SHADOW_PASSWD_STRING;
|
||
|
|
--
|
||
|
|
2.33.0
|
||
|
|
|