diff options
author | dtucker@openbsd.org <dtucker@openbsd.org> | 2022-05-27 04:29:40 +0000 |
---|---|---|
committer | Darren Tucker <dtucker@dtucker.net> | 2022-05-27 14:59:17 +1000 |
commit | 2c334fd36f80cb91cc42e4b978b10aa35e0df236 (patch) | |
tree | e71d1d59ef6192c4fb2d08289fa3d9dd3fe346c4 /auth2-passwd.c | |
parent | 5d3a77f4c5ae774c6796387266503f52c7cdc7c2 (diff) | |
download | openssh-git-2c334fd36f80cb91cc42e4b978b10aa35e0df236.tar.gz |
upstream: f sshpkt functions fail, then password is not cleared
with freezero. Unconditionally call freezero to guarantee that password is
removed from RAM.
From tobias@ and c3h2_ctf via github PR#286, ok djm@
OpenBSD-Commit-ID: 6b093619c9515328e25b0f8093779c52402c89cd
Diffstat (limited to 'auth2-passwd.c')
-rw-r--r-- | auth2-passwd.c | 10 |
1 files changed, 6 insertions, 4 deletions
diff --git a/auth2-passwd.c b/auth2-passwd.c index f8a6dbc1..cc12cfbc 100644 --- a/auth2-passwd.c +++ b/auth2-passwd.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-passwd.c,v 1.20 2021/12/19 22:12:07 djm Exp $ */ +/* $OpenBSD: auth2-passwd.c,v 1.21 2022/05/27 04:29:40 dtucker Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -51,16 +51,18 @@ extern ServerOptions options; static int userauth_passwd(struct ssh *ssh, const char *method) { - char *password; + char *password = NULL; int authenticated = 0, r; u_char change; - size_t len; + size_t len = 0; if ((r = sshpkt_get_u8(ssh, &change)) != 0 || (r = sshpkt_get_cstring(ssh, &password, &len)) != 0 || (change && (r = sshpkt_get_cstring(ssh, NULL, NULL)) != 0) || - (r = sshpkt_get_end(ssh)) != 0) + (r = sshpkt_get_end(ssh)) != 0) { + freezero(password, len); fatal_fr(r, "parse packet"); + } if (change) logit("password change not supported"); |