commit: c4ec30e346e9db12167b9d34a4a3441376c64252
parent 4ca7ffd20371a74190bbc6ef97a23f2a93edb38b
Author: Haelwenn (lanodan) Monnier <contact@hacktivis.me>
Date: Tue, 1 Nov 2022 17:54:29 +0100
login,su: Run explicit_bzero on invalid authentication as well
Diffstat:
2 files changed, 11 insertions(+), 8 deletions(-)
diff --git a/login.c b/login.c
@@ -147,15 +147,17 @@ main(int argc, char *argv[])
return 1;
}
- if(!skeud_crypt_check(pw_hash, password))
+ bool valid_p = skeud_crypt_check(pw_hash, password);
+
+ explicit_bzero(password, got);
+ if(pw_hash) explicit_bzero(pw_hash, sizeof(pw_hash));
+
+ if(!valid_p)
{
sleep(2);
fprintf(stderr, "login: Invalid username or password\n");
return 1;
}
-
- explicit_bzero(password, got);
- if(pw_hash) explicit_bzero(pw_hash, sizeof(pw_hash));
}
if(!opt_p)
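Review bot: The added line `if(pw_hash) explicit_bzero(pw_hash, sizeof(pw_hash));` takes its length from `sizeof(pw_hash)`, and the NULL test on the same line suggests pw_hash is a pointer; if so, only the first pointer-sized bytes of the hash are cleared and the rest stays in memory on both the success and the failure path. The declaration is in the part of main outside the hunk, so this needs confirming; if it is a `char *` to a NUL-terminated hash, `if(pw_hash) explicit_bzero(pw_hash, strlen(pw_hash));` clears all of it. The same line appears in the su.c hunk. The `return 1;` at the top of both hunks also leaves main before the wipe, so if the password has already been read by then it should be cleared on that path as well.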
diff --git a/su.c b/su.c
@@ -142,15 +142,16 @@ main(int argc, char *argv[])
return 1;
}
- if(!skeud_crypt_check(pw_hash, password))
+ bool valid_p = skeud_crypt_check(pw_hash, password);
+ explicit_bzero(password, got);
+ if(pw_hash) explicit_bzero(pw_hash, sizeof(pw_hash));
+
+ if(!valid_p)
{
sleep(2);
fprintf(stderr, "su: Invalid username or password\n");
return 1;
}
-
- explicit_bzero(password, got);
- if(pw_hash) explicit_bzero(pw_hash, sizeof(pw_hash));
}
if(!opt_p)