vipw: use explicit_bzero() to clear buffer after copy

This should make leaking end of /etc/shadow file more unlikely. Notice that there is now way to tell to editors they should ensure none it does not leak any buffers, drop cores, and so on, when editing sensitive data. In short this change is addressing the issue only partially. Signed-off-by: Sami Kerola <kerolasa@iki.fi>
author: Sami Kerola 2017-07-29 18:19:47 +0200
committer: Sami Kerola 2017-08-05 10:58:25 +0200
commit: 46df3aaae801b8d2b52b99356cd737e6e11a4e3c (patch)
tree: 4b35ba9e67ea9c3341d393ee93492c3070bf6b29 /login-utils/vipw.c
parent: include: move pamfail.h to auth.c (diff)
download: kernel-qcow2-util-linux-46df3aaae801b8d2b52b99356cd737e6e11a4e3c.tar.gz
kernel-qcow2-util-linux-46df3aaae801b8d2b52b99356cd737e6e11a4e3c.tar.xz
kernel-qcow2-util-linux-46df3aaae801b8d2b52b99356cd737e6e11a4e3c.zip
1 files changed, 3 insertions, 0 deletions
diff --git a/login-utils/vipw.c b/login-utils/vipw.c
index 5999d8d15..b7650de8b 100644
--- a/login-utils/vipw.c
+++ b/login-utils/vipw.c
@@ -100,6 +100,9 @@ static void copyfile(int from, int to)
 
 	if (nr < 0)
 		pw_error(orig_file, 1, 1);
+#ifdef HAVE_EXPLICIT_BZERO
+	explicit_bzero(buf, sizeof(buf));
+#endif
 }
 
 static void pw_init(void)
author	Sami Kerola	2017-07-29 18:19:47 +0200
committer	Sami Kerola	2017-08-05 10:58:25 +0200
commit	46df3aaae801b8d2b52b99356cd737e6e11a4e3c (patch)
tree	4b35ba9e67ea9c3341d393ee93492c3070bf6b29 /login-utils/vipw.c
parent	include: move pamfail.h to auth.c (diff)
download	kernel-qcow2-util-linux-46df3aaae801b8d2b52b99356cd737e6e11a4e3c.tar.gz kernel-qcow2-util-linux-46df3aaae801b8d2b52b99356cd737e6e11a4e3c.tar.xz kernel-qcow2-util-linux-46df3aaae801b8d2b52b99356cd737e6e11a4e3c.zip