[exim-cvs] gsasl authenticator: do not try to clear server p…

Startseite
Diese Nachricht ist Teil des folgenden Threads:
MDer komplette Thread sortiert nach Datum
 
 
Nachricht löschen
Nachricht beantworten
Autor: Exim Git Commits Mailing List
Datum:  
To: exim-cvs
Betreff: [exim-cvs] gsasl authenticator: do not try to clear server password after use, if
Gitweb: https://git.exim.org/exim.git/commitdiff/559d4875e1bcdb1169b272c37f936e82b0a8b0c0
Commit:     559d4875e1bcdb1169b272c37f936e82b0a8b0c0
Parent:     79d354a91037771dfcb870783209d129df8dd086
Author:     Jeremy Harris <jgh146exb@???>
AuthorDate: Mon May 17 12:40:51 2021 +0100
Committer:  Jeremy Harris <jgh146exb@???>
CommitDate: Mon Jun 28 00:30:03 2021 +0100


    gsasl authenticator: do not try to clear server password after use, if
    from config text
---
 src/src/auths/gsasl_exim.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)


diff --git a/src/src/auths/gsasl_exim.c b/src/src/auths/gsasl_exim.c
index 7f9cc32..479d01a 100644
--- a/src/src/auths/gsasl_exim.c
+++ b/src/src/auths/gsasl_exim.c
@@ -757,7 +757,7 @@ switch (prop)
     for memory wiping, so expanding strings will leave stuff laying around.
     But no need to compound the problem, so get rid of the one we can. */


-    memset(tmps, '\0', strlen(tmps));
+    if (US tmps != s) memset(tmps, '\0', strlen(tmps));
     cbrc = GSASL_OK;
     break;



Diese Nachricht wurde auf der folgenden Mailing-List gepostet:
exim-cvs
Mailing-List-Info | Nachrichten um die Zeit		<-[exim-cvs] paniclog sigsegv events[exim-cvs] openssl config strings are immutable->
Tahini and Hummus and Cumin Development Archives administriert von cumin AdminsLurker (Version 2.3)