ensure that sensitive data is zeroed out from mem.

ok beck@
2021-10-23 19:08:48 +00:00 · 2021-10-23 19:08:48 +00:00 · a39bec83d1
parent 7ee4e9f9e5
commit a39bec83d1
1 changed files with 2 additions and 1 deletions
--- a/libexec/login_reject/login_reject.c
+++ b/libexec/login_reject/login_reject.c
@ -1,4 +1,4 @@
-/*	$OpenBSD: login_reject.c,v 1.17 2018/04/26 12:42:51 guenther Exp $	*/
+/*	$OpenBSD: login_reject.c,v 1.18 2021/10/23 19:08:48 mestre Exp $	*/

 /*-
 * Copyright (c) 1995 Berkeley Software Design, Inc. All rights reserved.
@ -119,6 +119,7 @@ main(int argc, char *argv[])
 		readpassphrase("Password:", passbuf, sizeof(passbuf), 0);

 	crypt_checkpass("password", NULL);
+	explicit_bzero(passbuf, sizeof(passbuf));

 	fprintf(back, BI_REJECT "\n");
 	exit(1);