only found 1 place we dont zero out desklock pw asap after its not

needed anymore. SVN revision: 75541
2012-08-22 11:41:08 +00:00 · 2012-08-22 11:41:08 +00:00 · f88ad21893
parent 88aaed9233
commit f88ad21893
1 changed files with 20 additions and 14 deletions
--- a/src/bin/e_desklock.c
+++ b/src/bin/e_desklock.c
@ -843,24 +843,30 @@ _e_desklock_check_auth(void)
   if (!edd) return 0;
 #ifdef HAVE_PAM
   if (e_config->desklock_auth_method == 0)
-     return _desklock_auth(edd->passwd);
+     {
+        int ret;
+        
+        ret = _desklock_auth(edd->passwd);
+        // passwd off in child proc now - null out from parent
+        memset(edd->passwd, 0, sizeof(char) * PASSWD_LEN);
+     }
   else if (e_config->desklock_auth_method == 1)
     {
 #endif
-   if ((e_config->desklock_personal_passwd) &&
-       (!strcmp(!edd->passwd ? "" : edd->passwd,
-                !e_config->desklock_personal_passwd ? "" :
-                e_config->desklock_personal_passwd)))
-     {
-        /* password ok */
-        /* security - null out passwd string once we are done with it */
-        memset(edd->passwd, 0, sizeof(char) * PASSWD_LEN);
-        e_desklock_hide();
-        return 1;
-     }
+        if ((e_config->desklock_personal_passwd) &&
+            (!strcmp(!edd->passwd ? "" : edd->passwd,
+                     !e_config->desklock_personal_passwd ? "" :
+                     e_config->desklock_personal_passwd)))
+          {
+             /* password ok */
+             /* security - null out passwd string once we are done with it */
+             memset(edd->passwd, 0, sizeof(char) * PASSWD_LEN);
+             e_desklock_hide();
+             return 1;
+          }
 #ifdef HAVE_PAM
-}
-
+     }
+   
 #endif
   /* password is definitely wrong */
   _e_desklock_state_set(E_DESKLOCK_STATE_INVALID);