way that will heopfully not be optimized away by sneaky compilers.
char *prompt;
sudo_auth *auth;
{
- volatile char *pass;
+ char *pass;
char *message;
int reenter = 1;
int rval = AUTH_FAILURE;
if (pass) {
if (authenticate(pw->pw_name, (char *)pass, &reenter, &message) == 0)
rval = AUTH_SUCCESS;
- memset(pass, 0, strlen(pass));
+ zero_bytes(pass, strlen(pass));
}
return(rval);
}
char *prompt;
sudo_auth *auth;
{
- volatile char *pass;
+ char *pass;
char *s;
size_t len;
int authok = 0;
if (pass) {
authok = auth_userresponse(as, (char *)pass, 1);
- memset(pass, 0, strlen(pass));
+ zero_bytes(pass, strlen(pass));
}
/* restore old signal handler */
char *prompt;
sudo_auth *auth;
{
- volatile char *pass; /* Password from the user */
- volatile char buf[SUDO_PASS_MAX + 12]; /* General prupose buffer */
+ char *pass; /* Password from the user */
+ char buf[SUDO_PASS_MAX + 12]; /* General prupose buffer */
char resp[128]; /* Response from the server */
int error;
extern int nil_pw;
warnx("%s", resp);
error = AUTH_FAILURE;
done:
- memset(pass, 0, strlen(pass));
- memset(buf, 0, strlen(buf));
+ zero_bytes(pass, strlen(pass));
+ zero_bytes(buf, strlen(buf));
return(error);
}
struct pam_response **response;
VOID *appdata_ptr;
{
- volatile struct pam_response *pr;
+ struct pam_response *pr;
PAM_CONST struct pam_message *pm;
const char *p = def_prompt;
- volatile char *pass;
+ char *pass;
int n, flags;
extern int nil_pw;
if ((*response = malloc(num_msg * sizeof(struct pam_response))) == NULL)
return(PAM_CONV_ERR);
- (void) memset(*response, 0, num_msg * sizeof(struct pam_response));
+ zero_bytes(*response, num_msg * sizeof(struct pam_response));
for (pr = *response, pm = *msg, n = num_msg; n--; pr++, pm++) {
flags = tgetpass_flags;
if (*pr->resp == '\0')
nil_pw = 1; /* empty password */
else
- memset(pass, 0, strlen(pass));
+ zero_bytes(pass, strlen(pass));
break;
case PAM_TEXT_INFO:
if (pm->msg)
/* Zero and free allocated memory and return an error. */
for (pr = *response, n = num_msg; n--; pr++) {
if (pr->resp != NULL) {
- (void) memset(pr->resp, 0, strlen(pr->resp));
+ zero_bytes(pr->resp, strlen(pr->resp));
free(pr->resp);
pr->resp = NULL;
}
}
- (void) memset(*response, 0,
- num_msg * sizeof(struct pam_response));
+ zero_bytes(*response, num_msg * sizeof(struct pam_response));
free(*response);
*response = NULL;
return(PAM_CONV_ERR);
int success = AUTH_FAILURE;
int status;
int flags;
- volatile char *p;
+ char *p;
sudo_auth *auth;
sigaction_t sa, osa;
}
#ifndef AUTH_STANDALONE
if (p)
- (void) memset(p, 0, strlen(p));
+ zero_bytes(p, strlen(p));
#endif
/* Exit loop on nil password, but give it a chance to match first. */
projects / sudo / commitdiff