27 lines
869 B
Diff
27 lines
869 B
Diff
From f5cae905ca1a9f686f80aea45a34cea50fec0534 Mon Sep 17 00:00:00 2001
|
|
From: modric <pioneerbtw7@163.com>
|
|
Date: Thu, 17 Nov 2022 16:08:59 +0800
|
|
Subject: [PATCH] Fix memory leak of pass in converse().
|
|
|
|
---
|
|
plugins/sudoers/auth/pam.c | 3 ++-
|
|
1 file changed, 2 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/plugins/sudoers/auth/pam.c b/plugins/sudoers/auth/pam.c
|
|
index 339b7a5..f5580ea 100644
|
|
--- a/plugins/sudoers/auth/pam.c
|
|
+++ b/plugins/sudoers/auth/pam.c
|
|
@@ -722,7 +722,8 @@ converse(int num_msg, PAM_CONST struct pam_message **msg,
|
|
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
|
|
"password longer than %d", PAM_MAX_RESP_SIZE);
|
|
ret = PAM_CONV_ERR;
|
|
- explicit_bzero(pass, strlen(pass));
|
|
+ freezero(pass, strlen(pass));
|
|
+ pass = NULL;
|
|
goto done;
|
|
}
|
|
reply[n].resp = pass; /* auth_getpass() malloc's a copy */
|
|
--
|
|
2.27.0
|
|
|