diff options
author | Ulrich Drepper <drepper@redhat.com> | 2000-07-05 22:34:10 +0000 |
---|---|---|
committer | Ulrich Drepper <drepper@redhat.com> | 2000-07-05 22:34:10 +0000 |
commit | 11b3488225fff62fe08631c3d2a2d2ec6c48d90c (patch) | |
tree | 06335438eb3da12bbc5d0d2d0d86f02a17c2a926 /crypt | |
parent | f3e29a1a0f56035dcc343afea952dd8c0d4f42d0 (diff) | |
download | glibc-11b3488225fff62fe08631c3d2a2d2ec6c48d90c.zip glibc-11b3488225fff62fe08631c3d2a2d2ec6c48d90c.tar.gz glibc-11b3488225fff62fe08631c3d2a2d2ec6c48d90c.tar.bz2 |
Update.
* crypt/md5-crypt.c (__md5_crypt_r): Clear arrays the key and salt
string got copied in.
Patch by Solar Designer <solar@false.com>.
2000-07-05 Andreas Jaeger <aj@suse.de>
* manual/install.texi (Installation): Update information about
add-ons.
(Configuring and compiling): Update for glibc 2.2.
2000-07-04 Andreas Jaeger <aj@suse.de>
* sysdeps/i386/fpu_control.h (_FPU_DEFAULT): Correct value.
(_FPU_IEEE): Likewise.
* math/Makefile (tests): Add test-fpucw.
* math/test-fpucw.c (main): New file.
2000-07-05 Ulrich Drepper <drepper@redhat.com>
Diffstat (limited to 'crypt')
-rw-r--r-- | crypt/md5-crypt.c | 16 |
1 files changed, 14 insertions, 2 deletions
diff --git a/crypt/md5-crypt.c b/crypt/md5-crypt.c index 3b20ed1..6340502 100644 --- a/crypt/md5-crypt.c +++ b/crypt/md5-crypt.c @@ -60,6 +60,8 @@ __md5_crypt_r (key, salt, buffer, buflen) size_t key_len; size_t cnt; char *cp; + int key_copied = 0; + int salt_copied = 0; /* Find beginning of salt string. The prefix should normally always be present. Just in case it is not. */ @@ -77,6 +79,7 @@ __md5_crypt_r (key, salt, buffer, buflen) - (tmp - (char *) 0) % __alignof__ (md5_uint32), key, key_len); assert ((key - (char *) 0) % __alignof__ (md5_uint32) == 0); + key_copied = 1; } if ((salt - (char *) 0) % __alignof__ (md5_uint32) != 0) @@ -86,6 +89,7 @@ __md5_crypt_r (key, salt, buffer, buflen) - (tmp - (char *) 0) % __alignof__ (md5_uint32), salt, salt_len); assert ((salt - (char *) 0) % __alignof__ (md5_uint32) == 0); + salt_copied = 1; } /* Prepare for the real work. */ @@ -215,8 +219,16 @@ __md5_crypt_r (key, salt, buffer, buflen) /* Clear the buffer for the intermediate result so that people attaching to processes or reading core dumps cannot get any - information. */ - memset (alt_result, '\0', sizeof (alt_result)); + information. We do it in this way to clear correct_words[] + inside the MD5 implementation as well. */ + __md5_init_ctx (&ctx); + __md5_finish_ctx (&ctx, alt_result); + memset (&ctx, '\0', sizeof (ctx)); + memset (&alt_ctx, '\0', sizeof (alt_ctx)); + if (key_copied) + memset (key, '\0', key_len); + if (salt_copied) + memset (salt, '\0', salt_len); return buffer; } |