[Midnightbsd-cvs] src [8790] trunk/contrib/opie/opiekey.c: use the correct length to zero the secret.

laffer1 at midnightbsd.org laffer1 at midnightbsd.org
Sun Sep 25 23:18:06 EDT 2016


Revision: 8790
          http://svnweb.midnightbsd.org/src/?rev=8790
Author:   laffer1
Date:     2016-09-25 23:18:06 -0400 (Sun, 25 Sep 2016)
Log Message:
-----------
use the correct length to zero the secret.

Modified Paths:
--------------
    trunk/contrib/opie/opiekey.c

Modified: trunk/contrib/opie/opiekey.c
===================================================================
--- trunk/contrib/opie/opiekey.c	2016-09-26 03:17:08 UTC (rev 8789)
+++ trunk/contrib/opie/opiekey.c	2016-09-26 03:18:06 UTC (rev 8790)
@@ -109,19 +109,19 @@
     if (!opiereadpass(verify, OPIE_SECRET_MAX, 0)) {
       fprintf(stderr, "Error reading %ssecret pass phrase!\n", promptextra);
       memset(verify, 0, sizeof(verify));
-      memset(secret, 0, sizeof(secret));
+      memset(secret, 0, OPIE_SECRET_MAX + 1);
       exit(1);
     }
     if (verify[0] && strcmp(verify, secret)) {
       fprintf(stderr, "They don't match. Try again.\n");
       memset(verify, 0, sizeof(verify));
-      memset(secret, 0, sizeof(secret));
+      memset(secret, 0, OPIE_SECRET_MAX + 1);
       exit(1);
     }
     memset(verify, 0, sizeof(verify));
   }
   if (!(flags & 2) && !aflag && opiepasscheck(secret)) {
-    memset(secret, 0, sizeof(secret));
+    memset(secret, 0, OPIE_SECRET_MAX + 1);
     fprintf(stderr, "Secret pass phrases must be between %d and %d characters long.\n", OPIE_SECRET_MIN, OPIE_SECRET_MAX);
     exit(1);
   };



More information about the Midnightbsd-cvs mailing list