From 298b19ac932f82f4c0b4d5bc2d1d252afb1aed9b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Dag-Erling=20Sm=C3=B8rgrav?= <des@des.no>
Date: Sat, 2 Feb 2002 17:47:36 +0000
Subject: [PATCH] Clobber items before freeing them.

Sponsored by:	DARPA, NAI Labs


git-svn-id: svn+ssh://svn.openpam.org/svn/openpam/trunk@17 185d5e19-27fe-0310-9dcf-9bff6b9f3609
---
 lib/pam_set_item.c | 32 ++++++++++++++++----------------
 1 file changed, 16 insertions(+), 16 deletions(-)

diff --git a/lib/pam_set_item.c b/lib/pam_set_item.c
index dd3f2d9..1cebfd5 100644
--- a/lib/pam_set_item.c
+++ b/lib/pam_set_item.c
@@ -55,11 +55,13 @@ pam_set_item(pam_handle_t *pamh,
 	int item_type,
 	const void *item)
 {
-	void *tmp;
+	void **slot, *tmp;
+	size_t size;
 
 	if (pamh == NULL)
 		return (PAM_SYSTEM_ERR);
 
+	slot = &pamh->item[item_type];
 	switch (item_type) {
 	case PAM_SERVICE:
 	case PAM_USER:
@@ -70,26 +72,24 @@ pam_set_item(pam_handle_t *pamh,
 	case PAM_RUSER:
 	case PAM_USER_PROMPT:
 	case PAM_AUTHTOK_PROMPT:
-		if (item == NULL) {
-			tmp = NULL;
-			break;
-		}
-		if ((tmp = strdup(item)) == NULL)
-			return (PAM_BUF_ERR);
+		size = strlen(*slot) + 1;
+		if (item != NULL)
+			tmp = strdup(item);
 		break;
 	case PAM_CONV:
-		if (item == NULL) {
-			tmp = NULL;
-			break;
-		}
-		if ((tmp = malloc(sizeof(struct pam_conv))) == NULL)
-			return (PAM_BUF_ERR);
-		memcpy(tmp, item, sizeof(struct pam_conv));
+		size = sizeof(struct pam_conv);
+		if (item != NULL)
+			tmp = malloc(size);
 		break;
 	default:
 		return (PAM_SYSTEM_ERR);
 	}
-	free(pamh->item[item_type]);
-	pamh->item[item_type] = tmp;
+	if (item != NULL && tmp == NULL)
+		return (PAM_BUF_ERR);
+	if (*slot != NULL) {
+		memset(*slot, 0xd0, size);
+		free(*slot);
+	}
+	*slot = tmp;
 	return (PAM_SUCCESS);
 }