diff options
Diffstat (limited to 'auth2-passwd.c')
| -rw-r--r-- | auth2-passwd.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/auth2-passwd.c b/auth2-passwd.c index 21bc5047d..707680cd0 100644 --- a/auth2-passwd.c +++ b/auth2-passwd.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: auth2-passwd.c,v 1.10 2013/05/17 00:13:13 djm Exp $ */ | 1 | /* $OpenBSD: auth2-passwd.c,v 1.11 2014/02/02 03:44:31 djm Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. | 3 | * Copyright (c) 2000 Markus Friedl. All rights reserved. |
| 4 | * | 4 | * |
| @@ -59,7 +59,7 @@ userauth_passwd(Authctxt *authctxt) | |||
| 59 | if (change) { | 59 | if (change) { |
| 60 | /* discard new password from packet */ | 60 | /* discard new password from packet */ |
| 61 | newpass = packet_get_string(&newlen); | 61 | newpass = packet_get_string(&newlen); |
| 62 | memset(newpass, 0, newlen); | 62 | explicit_bzero(newpass, newlen); |
| 63 | free(newpass); | 63 | free(newpass); |
| 64 | } | 64 | } |
| 65 | packet_check_eom(); | 65 | packet_check_eom(); |
| @@ -68,7 +68,7 @@ userauth_passwd(Authctxt *authctxt) | |||
| 68 | logit("password change not supported"); | 68 | logit("password change not supported"); |
| 69 | else if (PRIVSEP(auth_password(authctxt, password)) == 1) | 69 | else if (PRIVSEP(auth_password(authctxt, password)) == 1) |
| 70 | authenticated = 1; | 70 | authenticated = 1; |
| 71 | memset(password, 0, len); | 71 | explicit_bzero(password, len); |
| 72 | free(password); | 72 | free(password); |
| 73 | return authenticated; | 73 | return authenticated; |
| 74 | } | 74 | } |