diff options
| author | Ulrich Drepper <drepper@redhat.com> | 2000-07-05 22:34:10 +0000 |
|---|---|---|
| committer | Ulrich Drepper <drepper@redhat.com> | 2000-07-05 22:34:10 +0000 |
| commit | 11b3488225fff62fe08631c3d2a2d2ec6c48d90c (patch) | |
| tree | 06335438eb3da12bbc5d0d2d0d86f02a17c2a926 /crypt | |
| parent | f3e29a1a0f56035dcc343afea952dd8c0d4f42d0 (diff) | |
| download | glibc-11b3488225fff62fe08631c3d2a2d2ec6c48d90c.tar.gz glibc-11b3488225fff62fe08631c3d2a2d2ec6c48d90c.tar.xz glibc-11b3488225fff62fe08631c3d2a2d2ec6c48d90c.zip | |
Update.
* crypt/md5-crypt.c (__md5_crypt_r): Clear arrays the key and salt string got copied in. Patch by Solar Designer <solar@false.com>. 2000-07-05 Andreas Jaeger <aj@suse.de> * manual/install.texi (Installation): Update information about add-ons. (Configuring and compiling): Update for glibc 2.2. 2000-07-04 Andreas Jaeger <aj@suse.de> * sysdeps/i386/fpu_control.h (_FPU_DEFAULT): Correct value. (_FPU_IEEE): Likewise. * math/Makefile (tests): Add test-fpucw. * math/test-fpucw.c (main): New file. 2000-07-05 Ulrich Drepper <drepper@redhat.com>
Diffstat (limited to 'crypt')
| -rw-r--r-- | crypt/md5-crypt.c | 16 |
1 files changed, 14 insertions, 2 deletions
diff --git a/crypt/md5-crypt.c b/crypt/md5-crypt.c index 3b20ed157d..6340502193 100644 --- a/crypt/md5-crypt.c +++ b/crypt/md5-crypt.c @@ -60,6 +60,8 @@ __md5_crypt_r (key, salt, buffer, buflen) size_t key_len; size_t cnt; char *cp; + int key_copied = 0; + int salt_copied = 0; /* Find beginning of salt string. The prefix should normally always be present. Just in case it is not. */ @@ -77,6 +79,7 @@ __md5_crypt_r (key, salt, buffer, buflen) - (tmp - (char *) 0) % __alignof__ (md5_uint32), key, key_len); assert ((key - (char *) 0) % __alignof__ (md5_uint32) == 0); + key_copied = 1; } if ((salt - (char *) 0) % __alignof__ (md5_uint32) != 0) @@ -86,6 +89,7 @@ __md5_crypt_r (key, salt, buffer, buflen) - (tmp - (char *) 0) % __alignof__ (md5_uint32), salt, salt_len); assert ((salt - (char *) 0) % __alignof__ (md5_uint32) == 0); + salt_copied = 1; } /* Prepare for the real work. */ @@ -215,8 +219,16 @@ __md5_crypt_r (key, salt, buffer, buflen) /* Clear the buffer for the intermediate result so that people attaching to processes or reading core dumps cannot get any - information. */ - memset (alt_result, '\0', sizeof (alt_result)); + information. We do it in this way to clear correct_words[] + inside the MD5 implementation as well. */ + __md5_init_ctx (&ctx); + __md5_finish_ctx (&ctx, alt_result); + memset (&ctx, '\0', sizeof (ctx)); + memset (&alt_ctx, '\0', sizeof (alt_ctx)); + if (key_copied) + memset (key, '\0', key_len); + if (salt_copied) + memset (salt, '\0', salt_len); return buffer; } |