From: Todd C. Miller <Todd.Miller@courtesan.com>
Date: Mon, 15 Nov 2004 17:05:54 +0000 (+0000)
Subject: Paranoia; zero out pw_passwd before freeing passwd entry.
X-Git-Tag: SUDO_1_7_0~830
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=77cb1b56aac0f00cc7245077bab9efd581b95809;p=sudo

Paranoia; zero out pw_passwd before freeing passwd entry.
---

diff --git a/CHANGES b/CHANGES
index 6e60923d9..c91e87287 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1767,3 +1767,5 @@ Sudo 1.6.8p2 released.
      users' privs.
 
 559) The "secure_path" run-time Defaults option has been restored.
+
+560) Password data is now cached for fast lookup.
diff --git a/getspwuid.c b/getspwuid.c
index b6e1d01f0..4ffcba93b 100644
--- a/getspwuid.c
+++ b/getspwuid.c
@@ -83,8 +83,9 @@ int crypt_type = INT_MAX;
 static struct rbtree *cache_byuid;
 static struct rbtree *cache_byname;
 
-static int cmp_byuid	__P((const VOID *, const VOID *));
-static int cmp_byname	__P((const VOID *, const VOID *));
+static int  cmp_byuid	__P((const VOID *, const VOID *));
+static int  cmp_byname	__P((const VOID *, const VOID *));
+static void pw_free	__P((VOID *));
 
 /*
  * Compare by uid.
@@ -416,8 +417,18 @@ sudo_endpwent()
 #ifdef HAVE_GETAUTHUID
     endauthent();
 #endif
-    rbdestroy(cache_byuid, (void (*)__P((VOID *))) free);
+    rbdestroy(cache_byuid, pw_free);
     cache_byuid = NULL;
     rbdestroy(cache_byname, NULL);
     cache_byname = NULL;
 }
+
+static void
+pw_free(v)
+    VOID *v;
+{
+    struct passwd *pw = (struct passwd *) v;
+
+    zero_bytes(pw->pw_passwd, strlen(pw->pw_passwd));
+    free(pw);
+}