s3:passdb: Zero memory for plaintext_pw from 'struct samu'

Signed-off-by: Pavel Filipenský <pfilipensky@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

diff --git a/source3/passdb/pdb_get_set.c b/source3/passdb/pdb_get_set.c
index c506b1bfc2800d24b4e8b54f54bdaadf3e463995..13bea8d40a67b0d7c4634d95b3226669c1902785 100644 (file)
--- a/source3/passdb/pdb_get_set.c
+++ b/source3/passdb/pdb_get_set.c
@@ -899,10 +899,9 @@ bool pdb_set_pw_history(struct samu *sampass, const uint8_t *pwd, uint32_t histo
 
 bool pdb_set_plaintext_pw_only(struct samu *sampass, const char *password, enum pdb_value_state flag)
 {
-       if (password) {
-               if (sampass->plaintext_pw!=NULL)
-                       memset(sampass->plaintext_pw,'\0',strlen(sampass->plaintext_pw)+1);
+       BURN_STR(sampass->plaintext_pw);
 
+       if (password != NULL) {
                sampass->plaintext_pw = talloc_strdup(sampass, password);
 
                if (!sampass->plaintext_pw) {

diff --git a/source3/passdb/py_passdb.c b/source3/passdb/py_passdb.c
index f6fd50215f2d359a9db4bd618496ac8ab5fb12f6..2d5b2ab57052cb7ef822cbfb73419a6cca35a90f 100644 (file)
--- a/source3/passdb/py_passdb.c
+++ b/source3/passdb/py_passdb.c
@@ -797,6 +797,8 @@ static PyObject *py_samu_get_plaintext_passwd(PyObject *obj, void *closure)
        }
 
        py_plaintext_pw = PyUnicode_FromString(plaintext_pw);
+
+       BURN_STR(discard_const_p(char, plaintext_pw));
        talloc_free(frame);
        return py_plaintext_pw;
 }