From 1c16675283461658ad3b4a821b93ff52195a47c5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Dag-Erling=20Sm=C3=B8rgrav?= <des@des.no>
Date: Mon, 9 Jun 2003 00:47:28 +0000
Subject: [PATCH] Paranoia: clear buffers before returning.

Submitted by:	Dmitry V. Levin <ldv@altlinux.org>


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@250 185d5e19-27fe-0310-9dcf-9bff6b9f3609
---
 lib/openpam_ttyconv.c | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)

diff --git a/lib/openpam_ttyconv.c b/lib/openpam_ttyconv.c
index 64deba9..c30745d 100644
--- a/lib/openpam_ttyconv.c
+++ b/lib/openpam_ttyconv.c
@@ -31,7 +31,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- * $P4: //depot/projects/openpam/lib/openpam_ttyconv.c#20 $
+ * $P4: //depot/projects/openpam/lib/openpam_ttyconv.c#21 $
  */
 
 #include <sys/types.h>
@@ -68,6 +68,7 @@ prompt(const char *msg)
 	sigset_t saved_sigset, sigset;
 	unsigned int saved_alarm;
 	size_t len;
+	char *retval;
 
 	sigemptyset(&sigset);
 	sigaddset(&sigset, SIGINT);
@@ -89,14 +90,18 @@ prompt(const char *msg)
 	sigaction(SIGALRM, &saved_action, NULL);
 	sigprocmask(SIG_SETMASK, &saved_sigset, NULL);
 	alarm(saved_alarm);
-	if (timed_out || ferror(stdin) || feof(stdin))
+	if (timed_out || ferror(stdin) || feof(stdin)) {
+		memset(buf, 0, sizeof(buf));
 		return (NULL);
+	}
 	/* trim trailing whitespace */
 	for (len = strlen(buf); len > 0; --len)
 		if (!isspace(buf[len - 1]))
 			break;
 	buf[len] = '\0';
-	return (strdup(buf));
+	retval = strdup(buf);
+	memset(buf, 0, sizeof(buf));
+	return (retval);
 }
 
 static char *
@@ -179,7 +184,10 @@ openpam_ttyconv(int n,
 	RETURNC(PAM_SUCCESS);
  fail:
 	while (i)
-		FREE(resp[--i]);
+		if (resp[--i]->resp) {
+			memset(resp[i]->resp, 0, strlen(resp[i]->resp));
+			FREE(resp[i]->resp);
+		}
 	FREE(*resp);
 	RETURNC(PAM_CONV_ERR);
 }