mirrors/linux-pam
0
0
Fork 0
mirror of https://github.com/linux-pam/linux-pam.git synced 2024-11-24 10:22:47 +08:00
Code Issues Packages Projects Releases Wiki Activity

Relevant BUGIDs: 419803

Browse Source 
Purpose of commit: bugfix

Commit summary:
---------------
Fix pam_unix to not zero out password strings that it doesn't own!
This commit is contained in:
Steve Langasek 2001-04-28 16:06:19 +00:00
parent 377f9e2157
commit 7143eaf024
2 changed files with 2 additions and 6 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
CHANGELOG
View File

@ -49,6 +49,8 @@ bug report - outstanding bugs are listed here:
0.76: please submit patches for this section with actual code/doc
patches!
* don't zero out password strings during pam_unix's password changing
function (Bug 419803 - vorlon)
* propagate some definitions to the _pam_aconf.h file - from David Lee
(Bug 415419 - agmorgan)
* solaris GCC OS_CFLAGS change from David Lee (Bug 415412 - agmorgan)

6
modules/pam_unix/pam_unix_passwd.c
View File

@ -891,8 +891,6 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t * pamh, int flags,
if (retval != PAM_SUCCESS) {
_log_err(LOG_NOTICE, pamh,
"new password not acceptable");
_pam_overwrite(pass_new);
_pam_overwrite(pass_old);
pass_new = pass_old = NULL; /* tidy up */
#ifdef USE_LCKPWDF
ulckpwdf();
@ -935,8 +933,6 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t * pamh, int flags,
if (temp == NULL) {
_log_err(LOG_CRIT, pamh,
"out of memory for password");
_pam_overwrite(pass_new);
_pam_overwrite(pass_old);
pass_new = pass_old = NULL; /* tidy up */
#ifdef USE_LCKPWDF
ulckpwdf();
@ -970,8 +966,6 @@ PAM_EXTERN int pam_sm_chauthtok(pam_handle_t * pamh, int flags,
retval = _do_setpass(pamh, user, pass_old, tpass, ctrl,
remember);
_pam_overwrite(pass_new);
_pam_overwrite(pass_old);
_pam_delete(tpass);
pass_old = pass_new = NULL;
} else { /* something has broken with the module */