Clear passwords on __gr_dup/__pw_dup errors.

The functions __gr_dup and __pw_dup do not explicitly zero the
memory which hold the passwords after free. The gr_free and pw_free
functions do this explicitly.

To guarantee same behaviour, it's possible to call these *_free
functions directly from __*_dup, because the memory is initialized
with zeros at the beginning. Calling free(NULL) has no negative
effect and can be considered safe these days.

diff --git a/lib/groupmem.c b/lib/groupmem.c
index e69c31073f41a179e30445469d27f73aeda45f0c..1fd1c135c2f0ffdf68ba35dfafd9b64135d74cb4 100644 (file)
--- a/lib/groupmem.c
+++ b/lib/groupmem.c
@@ -55,15 +55,14 @@
        gr->gr_name = strdup (grent->gr_name);
        /*@=mustfreeonly@*/
        if (NULL == gr->gr_name) {
-               free(gr);
+               gr_free(gr);
                return NULL;
        }
        /*@-mustfreeonly@*/
        gr->gr_passwd = strdup (grent->gr_passwd);
        /*@=mustfreeonly@*/
        if (NULL == gr->gr_passwd) {
-               free(gr->gr_name);
-               free(gr);
+               gr_free(gr);
                return NULL;
        }
 
@@ -73,21 +72,13 @@
        gr->gr_mem = (char **) malloc ((i + 1) * sizeof (char *));
        /*@=mustfreeonly@*/
        if (NULL == gr->gr_mem) {
-               free(gr->gr_passwd);
-               free(gr->gr_name);
-               free(gr);
+               gr_free(gr);
                return NULL;
        }
        for (i = 0; grent->gr_mem[i]; i++) {
                gr->gr_mem[i] = strdup (grent->gr_mem[i]);
                if (NULL == gr->gr_mem[i]) {
-                       int j;
-                       for (j=0; j<i; j++)
-                               free(gr->gr_mem[j]);
-                       free(gr->gr_mem);
-                       free(gr->gr_passwd);
-                       free(gr->gr_name);
-                       free(gr);
+                       gr_free(gr);
                        return NULL;
                }
        }

diff --git a/lib/pwmem.c b/lib/pwmem.c
index 7013e8a38943c7ebdaa6efb4d51d7fac5b9e3266..17d2eb2198792f57037bbb9760f6e8c467724a7b 100644 (file)
--- a/lib/pwmem.c
+++ b/lib/pwmem.c
@@ -56,45 +56,35 @@
        pw->pw_name = strdup (pwent->pw_name);
        /*@=mustfreeonly@*/
        if (NULL == pw->pw_name) {
-               free(pw);
+               pw_free(pw);
                return NULL;
        }
        /*@-mustfreeonly@*/
        pw->pw_passwd = strdup (pwent->pw_passwd);
        /*@=mustfreeonly@*/
        if (NULL == pw->pw_passwd) {
-               free(pw->pw_name);
-               free(pw);
+               pw_free(pw);
                return NULL;
        }
        /*@-mustfreeonly@*/
        pw->pw_gecos = strdup (pwent->pw_gecos);
        /*@=mustfreeonly@*/
        if (NULL == pw->pw_gecos) {
-               free(pw->pw_passwd);
-               free(pw->pw_name);
-               free(pw);
+               pw_free(pw);
                return NULL;
        }
        /*@-mustfreeonly@*/
        pw->pw_dir = strdup (pwent->pw_dir);
        /*@=mustfreeonly@*/
        if (NULL == pw->pw_dir) {
-               free(pw->pw_gecos);
-               free(pw->pw_passwd);
-               free(pw->pw_name);
-               free(pw);
+               pw_free(pw);
                return NULL;
        }
        /*@-mustfreeonly@*/
        pw->pw_shell = strdup (pwent->pw_shell);
        /*@=mustfreeonly@*/
        if (NULL == pw->pw_shell) {
-               free(pw->pw_dir);
-               free(pw->pw_gecos);
-               free(pw->pw_passwd);
-               free(pw->pw_name);
-               free(pw);
+               pw_free(pw);
                return NULL;
        }