passwd: erase password copy on all error branches

author Christian Göttsche <cgzones@googlemail.com>

Mon, 25 Apr 2022 10:17:40 +0000 (12:17 +0200)

committer Serge Hallyn <serge@hallyn.com>

Sat, 30 Apr 2022 18:19:14 +0000 (13:19 -0500)
author Christian Göttsche <cgzones@googlemail.com>
Mon, 25 Apr 2022 10:17:40 +0000 (12:17 +0200)
committer Serge Hallyn <serge@hallyn.com>
Sat, 30 Apr 2022 18:19:14 +0000 (13:19 -0500)
diff --git a/src/passwd.c b/src/passwd.c

index 80531ec6dabd8409bfe44e808281c334d58e3277..8c6f81a9175e77b0feef8f35a53977020b714c60 100644 (file)
--- a/src/passwd.c
+++ b/src/passwd.c
@@ -289,6 +289,7 @@ static int new_password (const struct passwd *pw)
                 cp = getpass (_("New password: "));
                 if (NULL == cp) {
                         memzero (orig, sizeof orig);
+                       memzero (pass, sizeof pass);
                         return -1;
                 }
                 if (warned && (strcmp (pass, cp) != 0)) {
@@ -316,6 +317,7 @@ static int new_password (const struct passwd *pw)
                 cp = getpass (_("Re-enter new password: "));
                 if (NULL == cp) {
                         memzero (orig, sizeof orig);
+                       memzero (pass, sizeof pass);
                         return -1;
                 }
                 if (strcmp (cp, pass) != 0) {
author	Christian Göttsche <cgzones@googlemail.com>
	Mon, 25 Apr 2022 10:17:40 +0000 (12:17 +0200)
committer	Serge Hallyn <serge@hallyn.com>
	Sat, 30 Apr 2022 18:19:14 +0000 (13:19 -0500)