svn commit: r246980 - in stable: 7/contrib/opie 8/contrib/opie 9/contrib/opie

Dimitry Andric dim at FreeBSD.org
Tue Feb 19 07:50:12 UTC 2013


Author: dim
Date: Tue Feb 19 07:50:10 2013
New Revision: 246980
URL: http://svnweb.freebsd.org/changeset/base/246980

Log:
  MFC r246873:
  
  In contrib/opie/opiekey.c, use the correct length to zero the secret.
  
  Found by:	clang ToT
  Reviewed by:	delphij

Modified:
  stable/9/contrib/opie/opiekey.c
Directory Properties:
  stable/9/contrib/opie/   (props changed)

Changes in other areas also in this revision:
Modified:
  stable/7/contrib/opie/opiekey.c
  stable/8/contrib/opie/opiekey.c
Directory Properties:
  stable/7/contrib/opie/   (props changed)
  stable/8/contrib/opie/   (props changed)

Modified: stable/9/contrib/opie/opiekey.c
==============================================================================
--- stable/9/contrib/opie/opiekey.c	Tue Feb 19 06:42:12 2013	(r246979)
+++ stable/9/contrib/opie/opiekey.c	Tue Feb 19 07:50:10 2013	(r246980)
@@ -109,19 +109,19 @@ static void getsecret FUNCTION((secret, 
     if (!opiereadpass(verify, OPIE_SECRET_MAX, 0)) {
       fprintf(stderr, "Error reading %ssecret pass phrase!\n", promptextra);
       memset(verify, 0, sizeof(verify));
-      memset(secret, 0, sizeof(secret));
+      memset(secret, 0, OPIE_SECRET_MAX + 1);
       exit(1);
     }
     if (verify[0] && strcmp(verify, secret)) {
       fprintf(stderr, "They don't match. Try again.\n");
       memset(verify, 0, sizeof(verify));
-      memset(secret, 0, sizeof(secret));
+      memset(secret, 0, OPIE_SECRET_MAX + 1);
       exit(1);
     }
     memset(verify, 0, sizeof(verify));
   }
   if (!(flags & 2) && !aflag && opiepasscheck(secret)) {
-    memset(secret, 0, sizeof(secret));
+    memset(secret, 0, OPIE_SECRET_MAX + 1);
     fprintf(stderr, "Secret pass phrases must be between %d and %d characters long.\n", OPIE_SECRET_MIN, OPIE_SECRET_MAX);
     exit(1);
   };


More information about the svn-src-stable-9 mailing list