36 lines
1.0 KiB
Diff
36 lines
1.0 KiB
Diff
From 58b6e97a9eef866e9e479fb781aaaf59fb11ef36 Mon Sep 17 00:00:00 2001
|
|
From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
|
|
Date: Mon, 25 Apr 2022 12:17:40 +0200
|
|
Subject: [PATCH] passwd: erase password copy on all error branches
|
|
|
|
Reference: https://github.com/shadow-maint/shadow/commit/58b6e97a9eef866e9e479fb781aaaf59fb11ef36
|
|
Conflict: NA
|
|
|
|
---
|
|
src/passwd.c | 2 ++
|
|
1 file changed, 2 insertions(+)
|
|
|
|
diff --git a/src/passwd.c b/src/passwd.c
|
|
index 80531ec6..8c6f81a9 100644
|
|
--- a/src/passwd.c
|
|
+++ b/src/passwd.c
|
|
@@ -289,6 +289,7 @@ static int new_password (const struct passwd *pw)
|
|
cp = getpass (_("New password: "));
|
|
if (NULL == cp) {
|
|
memzero (orig, sizeof orig);
|
|
+ memzero (pass, sizeof pass);
|
|
return -1;
|
|
}
|
|
if (warned && (strcmp (pass, cp) != 0)) {
|
|
@@ -316,6 +317,7 @@ static int new_password (const struct passwd *pw)
|
|
cp = getpass (_("Re-enter new password: "));
|
|
if (NULL == cp) {
|
|
memzero (orig, sizeof orig);
|
|
+ memzero (pass, sizeof pass);
|
|
return -1;
|
|
}
|
|
if (strcmp (cp, pass) != 0) {
|
|
--
|
|
2.27.0
|
|
|