git: 852f70b24043 - main - init: use explicit_bzero() for clearing passwords

Kyle Evans kevans at FreeBSD.org
Wed Mar 3 03:56:52 UTC 2021


The branch main has been updated by kevans:

URL: https://cgit.FreeBSD.org/src/commit/?id=852f70b24043885f0e438e8fecedd482a9a96d5e

commit 852f70b24043885f0e438e8fecedd482a9a96d5e
Author:     Kyle Evans <kevans at FreeBSD.org>
AuthorDate: 2021-03-03 03:38:37 +0000
Commit:     Kyle Evans <kevans at FreeBSD.org>
CommitDate: 2021-03-03 03:55:41 +0000

    init: use explicit_bzero() for clearing passwords
    
    This is a nop in practice, because it cannot be proven that this
    particular bzero() is not significant.  Make it explicit anyways, rather
    than relying on an implementation detail of how the password is
    collected.
    
    Discussed with: Andrew Gierth <andrew tao146 riddles org uk>
---
 sbin/init/init.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sbin/init/init.c b/sbin/init/init.c
index c5f3c121f7f9..943db9f26bd3 100644
--- a/sbin/init/init.c
+++ b/sbin/init/init.c
@@ -908,7 +908,7 @@ single_user(void)
 				if (clear == NULL || *clear == '\0')
 					_exit(0);
 				password = crypt(clear, pp->pw_passwd);
-				bzero(clear, _PASSWORD_LEN);
+				explicit_bzero(clear, _PASSWORD_LEN);
 				if (password != NULL &&
 				    strcmp(password, pp->pw_passwd) == 0)
 					break;


More information about the dev-commits-src-all mailing list