From 035e2021fa986fe7a1b9a7af5a0102163697eda3 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Pavel=20Filipensk=C3=BD?= Date: Mon, 8 Aug 2022 14:30:24 +0200 Subject: [PATCH] s3:passdb: Zero memory for plaintext_pw from 'struct samu' MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Signed-off-by: Pavel Filipenský Reviewed-by: Andreas Schneider --- source3/passdb/pdb_get_set.c | 5 ++--- source3/passdb/py_passdb.c | 2 ++ 2 files changed, 4 insertions(+), 3 deletions(-) diff --git a/source3/passdb/pdb_get_set.c b/source3/passdb/pdb_get_set.c index c506b1bfc28..13bea8d40a6 100644 --- a/source3/passdb/pdb_get_set.c +++ b/source3/passdb/pdb_get_set.c @@ -899,10 +899,9 @@ bool pdb_set_pw_history(struct samu *sampass, const uint8_t *pwd, uint32_t histo bool pdb_set_plaintext_pw_only(struct samu *sampass, const char *password, enum pdb_value_state flag) { - if (password) { - if (sampass->plaintext_pw!=NULL) - memset(sampass->plaintext_pw,'\0',strlen(sampass->plaintext_pw)+1); + BURN_STR(sampass->plaintext_pw); + if (password != NULL) { sampass->plaintext_pw = talloc_strdup(sampass, password); if (!sampass->plaintext_pw) { diff --git a/source3/passdb/py_passdb.c b/source3/passdb/py_passdb.c index f6fd50215f2..2d5b2ab5705 100644 --- a/source3/passdb/py_passdb.c +++ b/source3/passdb/py_passdb.c @@ -797,6 +797,8 @@ static PyObject *py_samu_get_plaintext_passwd(PyObject *obj, void *closure) } py_plaintext_pw = PyUnicode_FromString(plaintext_pw); + + BURN_STR(discard_const_p(char, plaintext_pw)); talloc_free(frame); return py_plaintext_pw; } -- 2.47.3