diff options
Diffstat (limited to 'src/crypt_sha256.c')
-rw-r--r-- | src/crypt_sha256.c | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/src/crypt_sha256.c b/src/crypt_sha256.c index c99cbfd..eff5eac 100644 --- a/src/crypt_sha256.c +++ b/src/crypt_sha256.c @@ -17,7 +17,7 @@ #define LEN_SHA_STR 9 #define LEN_FINAL_PASSWD LEN_ENC64 + LEN_SHA_STR -char* get_crypt_sha256(const char *p) +char* get_crypt_sha256(char *p) { int rand_fd; ssize_t size; @@ -32,6 +32,7 @@ char* get_crypt_sha256(const char *p) rand_fd = open(RAND_FILE, O_RDONLY); if (rand_fd < 0) { fprintf(stderr, "impossible to open " RAND_FILE "\n"); + memset(p, 0, len); exit(EXIT_FAILURE); } @@ -39,6 +40,7 @@ char* get_crypt_sha256(const char *p) close(rand_fd); if (size != LEN_SALT) { fprintf(stderr, "failed to read from " RAND_FILE "\n"); + memset(p, 0, len); exit(EXIT_FAILURE); } @@ -49,6 +51,10 @@ char* get_crypt_sha256(const char *p) memcpy(passwd_buff, sha_pwd, SHA256_DIGEST_LENGTH); memcpy(passwd_buff + SHA256_DIGEST_LENGTH, salt+len, LEN_SALT); + /* clear plaintext passwd copy */ + memset(salt, 0, len + LEN_SALT); + free(salt); + EVP_EncodeBlock(enc64_pwd, passwd_buff, SHA256_DIGEST_LENGTH + LEN_SALT); |