styx
/
enlightenment
forked from enlightenment/enlightenment
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

e auth - also use wrapped memory zeroing in polkit and normal auth 

fix CID 1425207
This commit is contained in:
Carsten Haitzler 2020-04-19 01:17:39 +01:00
parent 569146ed6a
commit f4c49a071f
1 changed files with 3 additions and 10 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
src/bin/e_auth.c
View File

@ -38,7 +38,7 @@ out:
E_API int
e_auth_polkit_begin(char *passwd, const char *cookie, unsigned int uid)
{
char buf[PATH_MAX], *p;
char buf[PATH_MAX];
Ecore_Exe *exe = NULL;
int ret = 0;
size_t pwlen, buflen = 0;
@ -67,14 +67,7 @@ e_auth_polkit_begin(char *passwd, const char *cookie, unsigned int uid)
out:
if (exe) ecore_exe_free(exe);
/* security - null out passwd string once we are done with it */
for (p = passwd; *p; p++) *p = 0;
if (passwd[rand() % pwlen]) fprintf(stderr, "ACK!\n");
/* security - null out buf string once we are done with it */
if (buflen > 0)
{
for (p = buf; *p; p++) *p = 0;
if (buf[rand() % buflen]) fprintf(stderr, "ACK!\n");
}
e_util_memclear(passwd, pwlen);
e_util_memclear(buf, buflen);
return ret;
}