libpamc: make use of secure memory erasure

Christian Göttsche 2023-01-30 17:55:50 +01:00
parent dd733a5214
commit 87ff7a12a5
3 changed files with 8 additions and 5 deletions


@ -7,6 +7,7 @@
*/
#include "libpamc.h"
#include "pam_inline.h"
/*
* liberate path list
@ -145,7 +146,7 @@ static int __pamc_shutdown_agents(pamc_handle_t pch)
}
pid = this->pid = 0;
memset(this->id, 0, this->id_length);
pam_overwrite_n(this->id, this->id_length);
free(this->id);
this->id = NULL;
this->id_length = 0;
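Review bot: The wipe of `this->id` in `__pamc_shutdown_agents` has no comment saying why a plain `memset()` is not enough, so a later cleanup could quietly turn it back into one. A store into a buffer that is freed on the next line is a dead store the optimizer may drop, which is presumably what `pam_overwrite_n()` (defined in pam_inline.h, not shown here) prevents. I would add `/* wipe before free(); a plain memset() here may be optimized away */` above the call. The same comment fits the `agent->id` wipe under `fail_free_agent_id` in `pamc_load`. The function body starts and ends outside this hunk.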


@ -7,6 +7,7 @@
*/
#include "libpamc.h"
#include "pam_inline.h"
/*
* select agent
@ -157,7 +158,7 @@ int pamc_converse(pamc_handle_t pch, pamc_bp_t *prompt_p)
size = PAM_BP_SIZE(raw);
control = PAM_BP_RCONTROL(raw);
memset(raw, 0, sizeof(raw));
pam_overwrite_array(raw);
D(("agent replied with prompt of size %d and control %u",
size, control));
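Review bot: `pam_overwrite_array(raw)` in `pamc_converse` clears the whole header buffer only while `raw` is a true array in this scope, and its declaration is outside the hunk. If `raw` ever becomes a pointer, a `sizeof`-based length shrinks to pointer size unless the macro rejects non-arrays at compile time, which is worth confirming in pam_inline.h. The call must also stay after the `PAM_BP_SIZE(raw)` and `PAM_BP_RCONTROL(raw)` reads, so I would add `/* size and control are read above; raw must not be used past this point */` next to it.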


@ -7,6 +7,7 @@
*/
#include "libpamc.h"
#include "pam_inline.h"
static int __pamc_exec_agent(pamc_handle_t pch, pamc_agent_t *agent)
{
@ -143,7 +144,7 @@ close_the_agent:
close(to_agent[1]);
free_and_return:
memset(full_path, 0, reset_length);
pam_overwrite_n(full_path, reset_length);
free(full_path);
D(("returning %d", return_code));
@ -301,10 +302,10 @@ int pamc_load(pamc_handle_t pch, const char *agent_id)
fail_free_agent_id:
memset(agent->id, 0, agent->id_length);
pam_overwrite_n(agent->id, agent->id_length);
free(agent->id);
memset(agent, 0, sizeof(*agent));
pam_overwrite_object(agent);
fail_free_agent:
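Review bot: At `free_and_return` in `__pamc_exec_agent` the wipe length `reset_length` is assigned outside the hunk, so the erase covers the whole path only if that value still equals the allocated size of `full_path` on every route to the label. If any `goto free_and_return` can run before `full_path` is allocated, the call relies on `pam_overwrite_n()` tolerating a NULL pointer, which is not visible here. A guard such as `if (full_path != NULL) pam_overwrite_n(full_path, reset_length);` would settle it, as would a short comment stating that the helper accepts NULL. In `pamc_load`, `pam_overwrite_object(agent)` runs after `free(agent->id)`, so it also clears the dangling `id` pointer; that ordering should be kept.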