commit b6e4a367e2605da98d418bebcd44a2d0f913dab1 Author: Jakob Kramer <[email protected]> Date: Wed Apr 30 14:15:26 2014 +0200
su: zero out encrypted passwords
diff --git a/su.c b/su.c
index c93d9c8..d24157a 100644
--- a/su.c
+++ b/su.c
@@ -86,6 +86,8 @@ main(int argc, char *argv[])
if (strcmp(cryptpass, spw->sp_pwdp) != 0)
eprintf(randreply());
+ explicit_bzero(cryptpass, strlen(cryptpass));
+ explicit_bzero(spw, sizeof *spw);
}
errno = 0;
