diff options
| author | Nicholas Marriott <nicm@openbsd.org> | 2009-06-04 21:43:24 +0000 |
|---|---|---|
| committer | Nicholas Marriott <nicm@openbsd.org> | 2009-06-04 21:43:24 +0000 |
| commit | 50bd0948564c64d76acebf8f6c5b4f3ef7b6b4fc (patch) | |
| tree | 47681e4b8fbabd0b8bc8c7a31d513d6b3eacb22c | |
| parent | f031975dc09b7be9bdb32fd5256f8c325848b1f9 (diff) | |
| download | rtmux-50bd0948564c64d76acebf8f6c5b4f3ef7b6b4fc.tar.gz rtmux-50bd0948564c64d76acebf8f6c5b4f3ef7b6b4fc.tar.bz2 rtmux-50bd0948564c64d76acebf8f6c5b4f3ef7b6b4fc.zip | |
If the prompt is hidden or a password is sent with -U, zero it before freeing
it.
| -rw-r--r-- | server-msg.c | 5 | ||||
| -rw-r--r-- | status.c | 6 |
2 files changed, 9 insertions, 2 deletions
diff --git a/server-msg.c b/server-msg.c index cff23cd5..5eaa04db 100644 --- a/server-msg.c +++ b/server-msg.c @@ -278,13 +278,14 @@ server_msg_fn_unlock(struct hdr *hdr, struct client *c) if (server_unlock(pass) != 0) { #define MSG "bad password" server_write_client(c, MSG_ERROR, MSG, (sizeof MSG) - 1); - server_write_client(c, MSG_EXIT, NULL, 0); - return (0); #undef MSG } server_write_client(c, MSG_EXIT, NULL, 0); + memset(pass, 0, strlen(pass)); + xfree(pass); + return (0); } @@ -597,6 +597,8 @@ status_prompt_clear(struct client *c) xfree(c->prompt_string); c->prompt_string = NULL; + if (c->prompt_flags & PROMPT_HIDDEN) + memset(c->prompt_buffer, 0, strlen(c->prompt_buffer)); xfree(c->prompt_buffer); c->prompt_buffer = NULL; @@ -794,6 +796,8 @@ status_prompt_key(struct client *c, int key) if (ARRAY_LENGTH(&c->prompt_hdata) == 0) break; + if (c->prompt_flags & PROMPT_HIDDEN) + memset(c->prompt_buffer, 0, strlen(c->prompt_buffer)); xfree(c->prompt_buffer); c->prompt_buffer = xstrdup(ARRAY_ITEM(&c->prompt_hdata, @@ -808,6 +812,8 @@ status_prompt_key(struct client *c, int key) if (server_locked) break; + if (c->prompt_flags & PROMPT_HIDDEN) + memset(c->prompt_buffer, 0, strlen(c->prompt_buffer)); xfree(c->prompt_buffer); if (c->prompt_hindex != 0) { |