d/freebsd-dev
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

In contrib/opie/opiekey.c, use the correct length to zero the secret.

Browse Source 
Found by:	clang ToT
Reviewed by:	delphij
MFC after:	3 days
This commit is contained in:
Dimitry Andric 2013-02-16 12:45:57 +00:00
parent a9c09aee21
commit a9fb907e0b
Notes: svn2git 2020-12-20 02:59:44 +00:00 
svn path=/head/; revision=246873
1 changed files with 3 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
contrib/opie/opiekey.c
View File

@ -109,19 +109,19 @@ static void getsecret FUNCTION((secret, promptextra, retype), char *secret AND c
if (!opiereadpass(verify, OPIE_SECRET_MAX, 0)) {
fprintf(stderr, "Error reading %ssecret pass phrase!\n", promptextra);
memset(verify, 0, sizeof(verify));
memset(secret, 0, sizeof(secret));
memset(secret, 0, OPIE_SECRET_MAX + 1);
exit(1);
}
if (verify[0] && strcmp(verify, secret)) {
fprintf(stderr, "They don't match. Try again.\n");
memset(verify, 0, sizeof(verify));
memset(secret, 0, sizeof(secret));
memset(secret, 0, OPIE_SECRET_MAX + 1);
exit(1);
}
memset(verify, 0, sizeof(verify));
}
if (!(flags & 2) && !aflag && opiepasscheck(secret)) {
memset(secret, 0, sizeof(secret));
memset(secret, 0, OPIE_SECRET_MAX + 1);
fprintf(stderr, "Secret pass phrases must be between %d and %d characters long.\n", OPIE_SECRET_MIN, OPIE_SECRET_MAX);
exit(1);
};