diff options
author | Aris Adamantiadis <aris@0xbadc0de.be> | 2011-01-26 13:22:29 +0100 |
---|---|---|
committer | Aris Adamantiadis <aris@0xbadc0de.be> | 2011-01-26 13:22:29 +0100 |
commit | 5d87ca94a8abd36fddac0b7c0601953d7aecf92f (patch) | |
tree | 82e7f412cba9160be9dcf48cf65130df157ee2d0 | |
parent | 1e827a8e818cf800d5574a2c2cbd97dfae243638 (diff) | |
download | libssh-5d87ca94a8abd36fddac0b7c0601953d7aecf92f.tar.gz libssh-5d87ca94a8abd36fddac0b7c0601953d7aecf92f.tar.xz libssh-5d87ca94a8abd36fddac0b7c0601953d7aecf92f.zip |
Getpass: Fix password clearing
-rw-r--r-- | src/getpass.c | 21 |
1 files changed, 10 insertions, 11 deletions
diff --git a/src/getpass.c b/src/getpass.c index 14e5933a..50c9bab6 100644 --- a/src/getpass.c +++ b/src/getpass.c @@ -50,7 +50,7 @@ static int ssh_gets(const char *prompt, char *buf, size_t len, int verify) { if (tmp == NULL) { return 0; } - ZERO_STRUCT(tmp); + memset(tmp,'\0',len); /* read the password */ while (!ok) { @@ -74,16 +74,16 @@ static int ssh_gets(const char *prompt, char *buf, size_t len, int verify) { if (verify) { char *key_string; - key_string = (char *) malloc(len); + key_string = malloc(len); if (key_string == NULL) { break; } - ZERO_STRUCT(key_string); + memset(key_string, '\0', len); fprintf(stdout, "\nVerifying, please re-enter. %s", prompt); fflush(stdout); if (! fgets(key_string, len, stdin)) { - ZERO_STRUCT(key_string); + memset(key_string, '\0', len); SAFE_FREE(key_string); clearerr(stdin); continue; @@ -94,18 +94,17 @@ static int ssh_gets(const char *prompt, char *buf, size_t len, int verify) { fprintf(stdout, "\n"); if (strcmp(buf, key_string)) { printf("\n\07\07Mismatch - try again\n"); - ZERO_STRUCT(key_string); + memset(key_string, '\0', len); SAFE_FREE(key_string); fflush(stdout); continue; } - ZERO_STRUCT(key_string); + memset(key_string, '\0', len); SAFE_FREE(key_string); } ok = 1; } - - ZERO_STRUCT(tmp); + memset(tmp, '\0', len); free(tmp); return ok; @@ -147,7 +146,7 @@ int ssh_getpass(const char *prompt, SetConsoleMode(h, mode); if (!ok) { - ZERO_STRUCT(buf); + memset (buf, '\0', len); return -1; } @@ -260,8 +259,8 @@ int ssh_getpass(const char *prompt, } if (!ok) { - ZERO_STRUCT(buf); - return -1; + memset (buf, '\0', len); + return -1; } /* force termination */ |