authorChristian Göttsche <cgzones@googlemail.com>2023-01-30 17:55:50 +0100
committerChristian Göttsche <cgzones@googlemail.com>2023-02-28 15:13:15 +0100
commit87ff7a12a55c38873905636eb8d29b4542d828f5 (patch)
treebc5aeb9500930749886875220cc30cb9e74d1c7b
parentdd733a5214fc3ef391a74e94f2c62ffa3000722b (diff)
libpamc: make use of secure memory erasure
-rw-r--r--libpamc/pamc_client.c3
-rw-r--r--libpamc/pamc_converse.c3
-rw-r--r--libpamc/pamc_load.c7
3 files changed, 8 insertions, 5 deletions
diff --git a/libpamc/pamc_client.c b/libpamc/pamc_client.c
index 175f424d..b7be8219 100644
--- a/libpamc/pamc_client.c
+++ b/libpamc/pamc_client.c
@@ -7,6 +7,7 @@
*/
#include "libpamc.h"
+#include "pam_inline.h"
/*
* liberate path list
@@ -145,7 +146,7 @@ static int __pamc_shutdown_agents(pamc_handle_t pch)
}
pid = this->pid = 0;
- memset(this->id, 0, this->id_length);
+ pam_overwrite_n(this->id, this->id_length);
free(this->id);
this->id = NULL;
this->id_length = 0;
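Review bot: The wipe at `pam_overwrite_n(this->id, this->id_length);` sits directly before `free(this->id)`, where a compiler may drop a plain `memset()` as a dead store, and nothing at the call site records why the helper is used. A short comment such as `/* explicit wipe: a memset() right before free() may be optimised away */` would stop a later cleanup from turning it back into `memset()`. The guarantee now rests entirely on `pam_inline.h`, which this diff does not show, so confirm the helper falls back to something the optimiser cannot elide on builds without `explicit_bzero()` or `memset_explicit()`. The same comment applies to the wipe-before-free calls added in `pamc_load.c`. The body of `__pamc_shutdown_agents` starts and ends outside the hunk.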
diff --git a/libpamc/pamc_converse.c b/libpamc/pamc_converse.c
index f8f60edf..4da11cf0 100644
--- a/libpamc/pamc_converse.c
+++ b/libpamc/pamc_converse.c
@@ -7,6 +7,7 @@
*/
#include "libpamc.h"
+#include "pam_inline.h"
/*
* select agent
@@ -157,7 +158,7 @@ int pamc_converse(pamc_handle_t pch, pamc_bp_t *prompt_p)
size = PAM_BP_SIZE(raw);
control = PAM_BP_RCONTROL(raw);
- memset(raw, 0, sizeof(raw));
+ pam_overwrite_array(raw);
D(("agent replied with prompt of size %d and control %u",
size, control));
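Review bot: `pam_overwrite_array(raw);` no longer shows the byte count at the call site, so it is correct only while `raw` is a true array in this scope; the declaration is outside the hunk. If `raw` ever became a pointer or heap buffer, a `sizeof`-based wipe would cover only the pointer width unless the macro in `pam_inline.h` rejects non-arrays at compile time, which cannot be confirmed from this diff. A comment at the call, `/* raw must stay an array here: the wipe length is sizeof(raw) */`, would record the assumption. `pamc_converse` continues past the end of the hunk.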
diff --git a/libpamc/pamc_load.c b/libpamc/pamc_load.c
index 24a65dfd..b4fa78b3 100644
--- a/libpamc/pamc_load.c
+++ b/libpamc/pamc_load.c
@@ -7,6 +7,7 @@
*/
#include "libpamc.h"
+#include "pam_inline.h"
static int __pamc_exec_agent(pamc_handle_t pch, pamc_agent_t *agent)
{
@@ -143,7 +144,7 @@ close_the_agent:
close(to_agent[1]);
free_and_return:
- memset(full_path, 0, reset_length);
+ pam_overwrite_n(full_path, reset_length);
free(full_path);
D(("returning %d", return_code));
@@ -301,10 +302,10 @@ int pamc_load(pamc_handle_t pch, const char *agent_id)
fail_free_agent_id:
- memset(agent->id, 0, agent->id_length);
+ pam_overwrite_n(agent->id, agent->id_length);
free(agent->id);
- memset(agent, 0, sizeof(*agent));
+ pam_overwrite_object(agent);
fail_free_agent: