[openssh-commits] [openssh] 03/03: upstream: f sshpkt functions fail, then password is not cleared

[git+noreply at mindrot.org]

This is an automated email from the git hooks/post-receive script.

dtucker pushed a commit to branch master
in repository openssh.

commit 2c334fd36f80cb91cc42e4b978b10aa35e0df236
Author: dtucker at openbsd.org <dtucker at openbsd.org>
Date:   Fri May 27 04:29:40 2022 +0000

    upstream: f sshpkt functions fail, then password is not cleared
    
    with freezero. Unconditionally call freezero to guarantee that password is
    removed from RAM.
    
    From tobias@ and c3h2_ctf via github PR#286, ok djm@
    
    OpenBSD-Commit-ID: 6b093619c9515328e25b0f8093779c52402c89cd
---
 auth2-passwd.c | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/auth2-passwd.c b/auth2-passwd.c
index f8a6dbc1..cc12cfbc 100644
--- a/auth2-passwd.c
+++ b/auth2-passwd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-passwd.c,v 1.20 2021/12/19 22:12:07 djm Exp $ */
+/* $OpenBSD: auth2-passwd.c,v 1.21 2022/05/27 04:29:40 dtucker Exp $ */
 /*
  * Copyright (c) 2000 Markus Friedl.  All rights reserved.
  *
@@ -51,16 +51,18 @@ extern ServerOptions options;
 static int
 userauth_passwd(struct ssh *ssh, const char *method)
 {
-	char *password;
+	char *password = NULL;
 	int authenticated = 0, r;
 	u_char change;
-	size_t len;
+	size_t len = 0;
 
 	if ((r = sshpkt_get_u8(ssh, &change)) != 0 ||
 	    (r = sshpkt_get_cstring(ssh, &password, &len)) != 0 ||
 	    (change && (r = sshpkt_get_cstring(ssh, NULL, NULL)) != 0) ||
-	    (r = sshpkt_get_end(ssh)) != 0)
+	    (r = sshpkt_get_end(ssh)) != 0) {
+		freezero(password, len);
 		fatal_fr(r, "parse packet");
+	}
 
 	if (change)
 		logit("password change not supported");

-- 
To stop receiving notification emails like this one, please contact
djm at mindrot.org.