src/gpasswd: Clear password in more cases

If encryption of password fails, clear the memory before exiting.

Reviewed-by: Alejandro Colomar <alx@kernel.org>
Signed-off-by: Tobias Stoeckmann <tobias@stoeckmann.org>

diff --git a/src/gpasswd.c b/src/gpasswd.c
index 560b0ea796b676beca90eb9b8b3b05c3ba4414cc..e9e111a9fb7a3f91a325dcad185aa33cc3dd2266 100644 (file)
--- a/src/gpasswd.c
+++ b/src/gpasswd.c
@@ -864,13 +864,13 @@ static void change_passwd (struct group *gr)
 
        salt = crypt_make_salt (NULL, NULL);
        cp = pw_encrypt (pass, salt);
+       MEMZERO(pass);
        if (NULL == cp) {
                fprintf (stderr,
                         _("%s: failed to crypt password with salt '%s': %s\n"),
                         Prog, salt, strerror (errno));
                exit (1);
        }
-       MEMZERO(pass);
 #ifdef SHADOWGRP
        if (is_shadowgrp) {
                gr->gr_passwd = SHADOW_PASSWD_STRING;