mir/sudo
2
0
Fork 0
mirror of https://github.com/sudo-project/sudo.git synced 2025-08-29 05:17:54 +00:00
Code Issues Releases Wiki Activity

Fix memory leak of pass in converse().

Browse Source
This commit is contained in:
modric 2022-11-17 16:08:59 +08:00
parent 0044893961
commit f5cae905ca
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
plugins/sudoers/auth/pam.c
View File

@ -723,7 +723,8 @@ converse(int num_msg, PAM_CONST struct pam_message **msg,
if (strlen(pass) >= PAM_MAX_RESP_SIZE) {
sudo_debug_printf(SUDO_DEBUG_ERROR|SUDO_DEBUG_LINENO,
"password longer than %d", PAM_MAX_RESP_SIZE);
explicit_bzero(pass, strlen(pass));
freezero(pass, strlen(pass));
pass = NULL;
goto bad;
}
reply[n].resp = pass; /* auth_getpass() malloc's a copy */