authorArthur de Jong <arthur@arthurdejong.org>2014-05-14 21:29:38 +0200
committerArthur de Jong <arthur@arthurdejong.org>2014-05-17 00:03:46 +0200
commit3d29861e86e2044dc4dfbf6f2615c3e567c7a4f6 (patch)
treea69faa3574b22281d2e1b2f913003a84116c547d /nslcd
parentaa1d81059227782b1660c742b9f9d961b43aaf71 (diff)
Clear buffers before free-ing
This clears most buffers that may hold credentials at one point before free()ing the memory.
Diffstat (limited to 'nslcd')
-rw-r--r--nslcd/myldap.c2
-rw-r--r--nslcd/pam.c16
2 files changed, 18 insertions, 0 deletions
diff --git a/nslcd/myldap.c b/nslcd/myldap.c
index 78968ae..7babe0e 100644
--- a/nslcd/myldap.c
+++ b/nslcd/myldap.c
@@ -318,6 +318,7 @@ static MYLDAP_SESSION *myldap_session_new(void)
for (i = 0; i < MAX_SEARCHES_IN_SESSION; i++)
session->searches[i] = NULL;
session->binddn[0] = '\0';
+ memset(session->bindpw, 0, sizeof(session->bindpw));
session->bindpw[0] = '\0';
session->policy_response = NSLCD_PAM_SUCCESS;
session->policy_message[0] = '\0';
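Review bot: With the whole of `bindpw` now zeroed by the added `memset()`, the `session->bindpw[0] = '\0';` kept on the next line is redundant and could be dropped. If both are meant to stay, a comment such as `/* zero the full buffer so no stale bytes sit behind the terminator */` would say why. myldap_session_new starts and ends outside the hunk, so how `session` is allocated is not visible here.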
@@ -1195,6 +1196,7 @@ void myldap_session_close(MYLDAP_SESSION *session)
/* close any open connections */
do_close(session);
/* free allocated memory */
+ memset(session->bindpw, 0, sizeof(session->bindpw));
free(session);
}
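Review bot: The `memset()` added directly before `free(session)` is a dead store from the compiler's point of view, so an optimizing build is permitted to drop it and leave `bindpw` intact in freed heap memory. A clearing call the optimizer must keep would make the intent hold, for example `explicit_bzero(session->bindpw, sizeof(session->bindpw));` where the platform provides it, or a small project helper that writes through a `volatile` pointer as a fallback. The same applies to every `memset(password, ...)`, `memset(oldpassword, ...)` and `memset(newpassword, ...)` placed immediately before a `return` in the nslcd/pam.c hunks, assuming those are local arrays as the `sizeof` usage suggests. myldap_session_close starts outside the hunk.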
diff --git a/nslcd/pam.c b/nslcd/pam.c
index 2240504..96e045a 100644
--- a/nslcd/pam.c
+++ b/nslcd/pam.c
@@ -293,6 +293,7 @@ int nslcd_pam_authc(TFILE *fp, MYLDAP_SESSION *session, uid_t calleruid)
{
log_log(LOG_NOTICE, "rootpwmoddn not configured");
/* we break the protocol */
+ memset(password, 0, sizeof(password));
return -1;
}
userdn = nslcd_cfg->rootpwmoddn;
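Review bot: Clearing `password` separately in front of each `return` makes the guarantee depend on every exit path being remembered, and only the exits touched by these hunks are visible on this page. A single exit would be easier to audit: set a result variable and `goto cleanup;`, with `cleanup: memset(password, 0, sizeof(password)); return rc;` at the end of nslcd_pam_authc. The same pattern would replace the six duplicated `oldpassword`/`newpassword` pairs in the nslcd_pam_pwmod hunks. The function body starts and continues outside this hunk.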
@@ -302,6 +303,7 @@ int nslcd_pam_authc(TFILE *fp, MYLDAP_SESSION *session, uid_t calleruid)
if (strlen(nslcd_cfg->rootpwmodpw) >= sizeof(password))
{
log_log(LOG_ERR, "nslcd_pam_authc(): rootpwmodpw will not fit in password");
+ memset(password, 0, sizeof(password));
return -1;
}
strcpy(password, nslcd_cfg->rootpwmodpw);
@@ -318,6 +320,7 @@ int nslcd_pam_authc(TFILE *fp, MYLDAP_SESSION *session, uid_t calleruid)
{
WRITE_INT32(fp, NSLCD_RESULT_END);
}
+ memset(password, 0, sizeof(password));
return -1;
}
userdn = myldap_get_dn(entry);
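Review bot: If `WRITE_INT32` and `WRITE_STRING` return from the enclosing function on a write error, a failed write to the client skips the `memset(password, ...)` that follows it in this hunk. Their definitions are not on this page, but they are used as bare statements with no result check, so this is worth confirming against the macros. If they do return early, the buffer would need to be cleared before the first write, or the macros' error exit routed through the same cleanup code. The same write-then-clear ordering appears in the hunk at -344 of nslcd_pam_authc and in the hunks at -765, -775, -804, -819 and -827 of nslcd_pam_pwmod.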
@@ -344,6 +347,7 @@ int nslcd_pam_authc(TFILE *fp, MYLDAP_SESSION *session, uid_t calleruid)
WRITE_INT32(fp, authzrc);
WRITE_STRING(fp, authzmsg);
WRITE_INT32(fp, NSLCD_RESULT_END);
+ memset(password, 0, sizeof(password));
return 0;
}
@@ -765,6 +769,8 @@ int nslcd_pam_pwmod(TFILE *fp, MYLDAP_SESSION *session, uid_t calleruid)
{
WRITE_INT32(fp, NSLCD_RESULT_END);
}
+ memset(oldpassword, 0, sizeof(oldpassword));
+ memset(newpassword, 0, sizeof(newpassword));
return -1;
}
/* check if pam_password_prohibit_message is set */
@@ -775,6 +781,8 @@ int nslcd_pam_pwmod(TFILE *fp, MYLDAP_SESSION *session, uid_t calleruid)
WRITE_INT32(fp, NSLCD_PAM_PERM_DENIED);
WRITE_STRING(fp, nslcd_cfg->pam_password_prohibit_message);
WRITE_INT32(fp, NSLCD_RESULT_END);
+ memset(oldpassword, 0, sizeof(oldpassword));
+ memset(newpassword, 0, sizeof(newpassword));
return 0;
}
/* check if the the user passed the rootpwmoddn */
@@ -788,6 +796,8 @@ int nslcd_pam_pwmod(TFILE *fp, MYLDAP_SESSION *session, uid_t calleruid)
if (strlen(nslcd_cfg->rootpwmodpw) >= sizeof(oldpassword))
{
log_log(LOG_ERR, "nslcd_pam_pwmod(): rootpwmodpw will not fit in oldpassword");
+ memset(oldpassword, 0, sizeof(oldpassword));
+ memset(newpassword, 0, sizeof(newpassword));
return -1;
}
strcpy(oldpassword, nslcd_cfg->rootpwmodpw);
@@ -804,6 +814,8 @@ int nslcd_pam_pwmod(TFILE *fp, MYLDAP_SESSION *session, uid_t calleruid)
WRITE_INT32(fp, rc);
WRITE_STRING(fp, authzmsg);
WRITE_INT32(fp, NSLCD_RESULT_END);
+ memset(oldpassword, 0, sizeof(oldpassword));
+ memset(newpassword, 0, sizeof(newpassword));
return 0;
}
}
@@ -819,6 +831,8 @@ int nslcd_pam_pwmod(TFILE *fp, MYLDAP_SESSION *session, uid_t calleruid)
WRITE_INT32(fp, NSLCD_PAM_PERM_DENIED);
WRITE_STRING(fp, authzmsg);
WRITE_INT32(fp, NSLCD_RESULT_END);
+ memset(oldpassword, 0, sizeof(oldpassword));
+ memset(newpassword, 0, sizeof(newpassword));
return 0;
}
/* write response */
@@ -827,5 +841,7 @@ int nslcd_pam_pwmod(TFILE *fp, MYLDAP_SESSION *session, uid_t calleruid)
WRITE_INT32(fp, NSLCD_PAM_SUCCESS);
WRITE_STRING(fp, "");
WRITE_INT32(fp, NSLCD_RESULT_END);
+ memset(oldpassword, 0, sizeof(oldpassword));
+ memset(newpassword, 0, sizeof(newpassword));
return 0;
}