diff options
author | Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de> | 2010-03-16 18:20:51 +0100 |
---|---|---|
committer | Matthias Dieter Wallnöfer <mwallnoefer@yahoo.de> | 2010-03-16 18:20:51 +0100 |
commit | 2bdece18c62c5119d2a7c85b0044ec3c9234445c (patch) | |
tree | 669b698898fb71b5a0d44bed2e4ce82f2d726154 /source4/heimdal/lib | |
parent | a6c57472ab144eb6d77cc85f56d7bd3152146b1d (diff) | |
download | samba-2bdece18c62c5119d2a7c85b0044ec3c9234445c.tar.gz samba-2bdece18c62c5119d2a7c85b0044ec3c9234445c.tar.bz2 samba-2bdece18c62c5119d2a7c85b0044ec3c9234445c.zip |
kerberos - set the memory to "0"s before freeing the password to prevent security issues
Diffstat (limited to 'source4/heimdal/lib')
-rw-r--r-- | source4/heimdal/lib/krb5/init_creds_pw.c | 8 |
1 files changed, 6 insertions, 2 deletions
diff --git a/source4/heimdal/lib/krb5/init_creds_pw.c b/source4/heimdal/lib/krb5/init_creds_pw.c index 5901c55319..c326fa4df7 100644 --- a/source4/heimdal/lib/krb5/init_creds_pw.c +++ b/source4/heimdal/lib/krb5/init_creds_pw.c @@ -107,8 +107,10 @@ free_init_creds_ctx(krb5_context context, krb5_init_creds_context ctx) free (ctx->pre_auth_types); if (ctx->in_tkt_service) free(ctx->in_tkt_service); - if (ctx->password) + if (ctx->password) { + memset(ctx->password, 0, strlen(ctx->password)); free(ctx->password); + } if (ctx->keytab_data) free(ctx->keytab_data); krb5_data_free(&ctx->req_buffer); @@ -1355,8 +1357,10 @@ krb5_init_creds_set_password(krb5_context context, krb5_init_creds_context ctx, const char *password) { - if (ctx->password) + if (ctx->password) { + memset(ctx->password, 0, strlen(ctx->password)); free(ctx->password); + } if (password) { ctx->password = strdup(password); if (ctx->password == NULL) { |