summaryrefslogtreecommitdiff
path: root/source4/heimdal
diff options
context:
space:
mode:
authorMatthias Dieter Wallnöfer <mwallnoefer@yahoo.de>2010-03-16 18:20:51 +0100
committerMatthias Dieter Wallnöfer <mwallnoefer@yahoo.de>2010-03-16 18:20:51 +0100
commit2bdece18c62c5119d2a7c85b0044ec3c9234445c (patch)
tree669b698898fb71b5a0d44bed2e4ce82f2d726154 /source4/heimdal
parenta6c57472ab144eb6d77cc85f56d7bd3152146b1d (diff)
downloadsamba-2bdece18c62c5119d2a7c85b0044ec3c9234445c.tar.gz
samba-2bdece18c62c5119d2a7c85b0044ec3c9234445c.tar.bz2
samba-2bdece18c62c5119d2a7c85b0044ec3c9234445c.zip
kerberos - set the memory to "0"s before freeing the password to prevent security issues
Diffstat (limited to 'source4/heimdal')
-rw-r--r--source4/heimdal/lib/krb5/init_creds_pw.c8
1 files changed, 6 insertions, 2 deletions
diff --git a/source4/heimdal/lib/krb5/init_creds_pw.c b/source4/heimdal/lib/krb5/init_creds_pw.c
index 5901c55319..c326fa4df7 100644
--- a/source4/heimdal/lib/krb5/init_creds_pw.c
+++ b/source4/heimdal/lib/krb5/init_creds_pw.c
@@ -107,8 +107,10 @@ free_init_creds_ctx(krb5_context context, krb5_init_creds_context ctx)
free (ctx->pre_auth_types);
if (ctx->in_tkt_service)
free(ctx->in_tkt_service);
- if (ctx->password)
+ if (ctx->password) {
+ memset(ctx->password, 0, strlen(ctx->password));
free(ctx->password);
+ }
if (ctx->keytab_data)
free(ctx->keytab_data);
krb5_data_free(&ctx->req_buffer);
@@ -1355,8 +1357,10 @@ krb5_init_creds_set_password(krb5_context context,
krb5_init_creds_context ctx,
const char *password)
{
- if (ctx->password)
+ if (ctx->password) {
+ memset(ctx->password, 0, strlen(ctx->password));
free(ctx->password);
+ }
if (password) {
ctx->password = strdup(password);
if (ctx->password == NULL) {