diff options
Diffstat (limited to 'libpam/pam_get_authtok.c')
-rw-r--r-- | libpam/pam_get_authtok.c | 17 |
1 files changed, 11 insertions, 6 deletions
diff --git a/libpam/pam_get_authtok.c b/libpam/pam_get_authtok.c index 3fa7f7df..3f383339 100644 --- a/libpam/pam_get_authtok.c +++ b/libpam/pam_get_authtok.c @@ -33,6 +33,7 @@ #include "config.h" #include "pam_private.h" +#include "pam_inline.h" #include <security/pam_ext.h> @@ -174,6 +175,10 @@ pam_get_authtok_internal (pam_handle_t *pamh, int item, (chpass > 1 && resp[1] == NULL)) { /* We want to abort */ + pam_overwrite_string (resp[0]); + _pam_drop (resp[0]); + pam_overwrite_string (resp[1]); + _pam_drop (resp[1]); if (chpass) pam_error (pamh, _("Password change has been aborted.")); return PAM_AUTHTOK_ERR; @@ -182,18 +187,18 @@ pam_get_authtok_internal (pam_handle_t *pamh, int item, if (chpass > 1 && strcmp (resp[0], resp[1]) != 0) { pam_error (pamh, MISTYPED_PASS); - _pam_overwrite (resp[0]); + pam_overwrite_string (resp[0]); _pam_drop (resp[0]); - _pam_overwrite (resp[1]); + pam_overwrite_string (resp[1]); _pam_drop (resp[1]); return PAM_TRY_AGAIN; } - _pam_overwrite (resp[1]); + pam_overwrite_string (resp[1]); _pam_drop (resp[1]); retval = pam_set_item (pamh, item, resp[0]); - _pam_overwrite (resp[0]); + pam_overwrite_string (resp[0]); _pam_drop (resp[0]); if (retval != PAM_SUCCESS) return retval; @@ -263,13 +268,13 @@ pam_get_authtok_verify (pam_handle_t *pamh, const char **authtok, { pam_set_item (pamh, PAM_AUTHTOK, NULL); pam_error (pamh, MISTYPED_PASS); - _pam_overwrite (resp); + pam_overwrite_string (resp); _pam_drop (resp); return PAM_TRY_AGAIN; } retval = pam_set_item (pamh, PAM_AUTHTOK, resp); - _pam_overwrite (resp); + pam_overwrite_string (resp); _pam_drop (resp); if (retval != PAM_SUCCESS) return retval; |