
auth_getpass() returns a dynamically allocated copy of the plaintext

password which needs to be freed after checking (and clearing) it.
Todd C. Miller
2016-01-27 15:36:50 -07:00
parent 91bce65e29
commit ab11cdde2c
7 changed files with 26 additions and 8 deletions


@@ -141,6 +141,7 @@ bsdauth_verify(struct passwd *pw, char *prompt, sudo_auth *auth, struct sudo_con
log_warningx(0, N_("unable to allocate memory"));
debug_return_int(AUTH_FATAL);
}
free(pass);
pass = auth_getpass(s, def_passwd_timeout * 60,
SUDO_CONV_PROMPT_ECHO_ON, callback);
free(s);
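Review bot: The `free(pass)` ahead of the echo-on `auth_getpass()` call releases the first response without zeroing it, while the later cleanup in this function runs `memset_s()` before `free()`. If the guard outside this hunk only reaches here when the first response is NULL or empty, nothing sensitive is left in the freed buffer, but that invariant is not visible in the code and deserves a comment such as `/* first response was NULL or empty, nothing to clear */`. The `debug_return_int(AUTH_FATAL)` return just above also exits before this free, so that buffer is not released on the allocation-failure path; adding `free(pass);` before that return would cover it. The enclosing block begins and ends outside the hunk, so both points should be checked against the full branch.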
@@ -150,6 +151,7 @@ bsdauth_verify(struct passwd *pw, char *prompt, sudo_auth *auth, struct sudo_con
if (pass) {
authok = auth_userresponse(as, pass, 1);
memset_s(pass, SUDO_CONV_REPL_MAX, 0, strlen(pass));
free(pass);
}
/* restore old signal handler */