Date: Sat, 16 Feb 2013 12:45:57 +0000 (UTC) From: Dimitry Andric <dim@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r246873 - head/contrib/opie Message-ID: <201302161245.r1GCjvA1083348@svn.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: dim Date: Sat Feb 16 12:45:57 2013 New Revision: 246873 URL: http://svnweb.freebsd.org/changeset/base/246873 Log: In contrib/opie/opiekey.c, use the correct length to zero the secret. Found by: clang ToT Reviewed by: delphij MFC after: 3 days Modified: head/contrib/opie/opiekey.c Modified: head/contrib/opie/opiekey.c ============================================================================== --- head/contrib/opie/opiekey.c Sat Feb 16 06:07:07 2013 (r246872) +++ head/contrib/opie/opiekey.c Sat Feb 16 12:45:57 2013 (r246873) @@ -109,19 +109,19 @@ static void getsecret FUNCTION((secret, if (!opiereadpass(verify, OPIE_SECRET_MAX, 0)) { fprintf(stderr, "Error reading %ssecret pass phrase!\n", promptextra); memset(verify, 0, sizeof(verify)); - memset(secret, 0, sizeof(secret)); + memset(secret, 0, OPIE_SECRET_MAX + 1); exit(1); } if (verify[0] && strcmp(verify, secret)) { fprintf(stderr, "They don't match. Try again.\n"); memset(verify, 0, sizeof(verify)); - memset(secret, 0, sizeof(secret)); + memset(secret, 0, OPIE_SECRET_MAX + 1); exit(1); } memset(verify, 0, sizeof(verify)); } if (!(flags & 2) && !aflag && opiepasscheck(secret)) { - memset(secret, 0, sizeof(secret)); + memset(secret, 0, OPIE_SECRET_MAX + 1); fprintf(stderr, "Secret pass phrases must be between %d and %d characters long.\n", OPIE_SECRET_MIN, OPIE_SECRET_MAX); exit(1); };
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201302161245.r1GCjvA1083348>