Welcome to mirror list, hosted at ThFree Co, Russian Federation.

cygwin.com/git/newlib-cygwin.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorCorinna Vinschen <corinna@vinschen.de>2008-12-15 20:39:21 +0300
committerCorinna Vinschen <corinna@vinschen.de>2008-12-15 20:39:21 +0300
commitd08afb78d18df23a46d19c92f0f7f22e6b96a72d (patch)
tree2e19da5e6a8f64b840aa98f822928b472d63dbb0
parent8d12bd32cd6d72a2a220b4e6580096f5d293a611 (diff)
* setpwd.cc (client_request_setpwd::serve): Explicitely erase password
buffer content after usage.
Diffstat
-rw-r--r--winsup/cygserver/ChangeLog5
-rw-r--r--winsup/cygserver/setpwd.cc2
2 files changed, 7 insertions, 0 deletions
diff --git a/winsup/cygserver/ChangeLog b/winsup/cygserver/ChangeLog
index 0ba9e4685..04054741b 100644
--- a/winsup/cygserver/ChangeLog
+++ b/winsup/cygserver/ChangeLog
@@ -1,3 +1,8 @@
+2008-12-15 Corinna Vinschen <corinna@vinschen.de>
+
+ * setpwd.cc (client_request_setpwd::serve): Explicitely erase password
+ buffer content after usage.
+
2008-11-26 Corinna Vinschen <corinna@vinschen.de>
* Makefile.in (OBJS): Add setpwd.o.
diff --git a/winsup/cygserver/setpwd.cc b/winsup/cygserver/setpwd.cc
index 39989f86a..70d96cd57 100644
--- a/winsup/cygserver/setpwd.cc
+++ b/winsup/cygserver/setpwd.cc
@@ -90,6 +90,8 @@ client_request_setpwd::serve (transport_layer_base *const conn,
RtlAppendUnicodeStringToString (&key, &sid);
RtlInitUnicodeString (&data, _parameters.in.passwd);
status = LsaStorePrivateData (lsa, &key, data.Length ? &data : NULL);
+ if (data.Length)
+ memset (data.Buffer, 0, data.Length);
if (NT_SUCCESS (status))
error_code (0);
else
generated by cgit v1.2.3 (git 2.25.1) at 2024-06-08 04:03:30 +0300