about summary refs log tree commit diff
path: root/crypt
diff options
context:
space:
mode:
authorUlrich Drepper <drepper@redhat.com>2000-07-05 22:34:10 +0000
committerUlrich Drepper <drepper@redhat.com>2000-07-05 22:34:10 +0000
commit11b3488225fff62fe08631c3d2a2d2ec6c48d90c (patch)
tree06335438eb3da12bbc5d0d2d0d86f02a17c2a926 /crypt
parentf3e29a1a0f56035dcc343afea952dd8c0d4f42d0 (diff)
downloadglibc-11b3488225fff62fe08631c3d2a2d2ec6c48d90c.tar.gz
glibc-11b3488225fff62fe08631c3d2a2d2ec6c48d90c.tar.xz
glibc-11b3488225fff62fe08631c3d2a2d2ec6c48d90c.zip
Update.
	* crypt/md5-crypt.c (__md5_crypt_r): Clear arrays the key and salt
	string got copied in.
	Patch by Solar Designer <solar@false.com>.

2000-07-05  Andreas Jaeger  <aj@suse.de>

	* manual/install.texi (Installation): Update information about
	add-ons.
	(Configuring and compiling): Update for glibc 2.2.

2000-07-04  Andreas Jaeger  <aj@suse.de>

	* sysdeps/i386/fpu_control.h (_FPU_DEFAULT): Correct value.
	(_FPU_IEEE): Likewise.

	* math/Makefile (tests): Add test-fpucw.

	* math/test-fpucw.c (main): New file.

2000-07-05  Ulrich Drepper  <drepper@redhat.com>
Diffstat (limited to 'crypt')
-rw-r--r--crypt/md5-crypt.c16
1 files changed, 14 insertions, 2 deletions
diff --git a/crypt/md5-crypt.c b/crypt/md5-crypt.c
index 3b20ed157d..6340502193 100644
--- a/crypt/md5-crypt.c
+++ b/crypt/md5-crypt.c
@@ -60,6 +60,8 @@ __md5_crypt_r (key, salt, buffer, buflen)
   size_t key_len;
   size_t cnt;
   char *cp;
+  int key_copied = 0;
+  int salt_copied = 0;
 
   /* Find beginning of salt string.  The prefix should normally always
      be present.  Just in case it is not.  */
@@ -77,6 +79,7 @@ __md5_crypt_r (key, salt, buffer, buflen)
 		    - (tmp - (char *) 0) % __alignof__ (md5_uint32),
 		    key, key_len);
       assert ((key - (char *) 0) % __alignof__ (md5_uint32) == 0);
+      key_copied = 1;
     }
 
   if ((salt - (char *) 0) % __alignof__ (md5_uint32) != 0)
@@ -86,6 +89,7 @@ __md5_crypt_r (key, salt, buffer, buflen)
 		     - (tmp - (char *) 0) % __alignof__ (md5_uint32),
 		     salt, salt_len);
       assert ((salt - (char *) 0) % __alignof__ (md5_uint32) == 0);
+      salt_copied = 1;
     }
 
   /* Prepare for the real work.  */
@@ -215,8 +219,16 @@ __md5_crypt_r (key, salt, buffer, buflen)
 
   /* Clear the buffer for the intermediate result so that people
      attaching to processes or reading core dumps cannot get any
-     information.  */
-  memset (alt_result, '\0', sizeof (alt_result));
+     information.  We do it in this way to clear correct_words[]
+     inside the MD5 implementation as well.  */
+  __md5_init_ctx (&ctx);
+  __md5_finish_ctx (&ctx, alt_result);
+  memset (&ctx, '\0', sizeof (ctx));
+  memset (&alt_ctx, '\0', sizeof (alt_ctx));
+  if (key_copied)
+    memset (key, '\0', key_len);
+  if (salt_copied)
+    memset (salt, '\0', salt_len);
 
   return buffer;
 }