]> git.michaelhowe.org Git - packages/o/openafs.git/commitdiff
projects / packages / o / openafs.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: b5f45f3)
Windows: NPLogonNotify secure erase password
authorJeffrey Altman <jaltman@your-file-system.com>
Tue, 19 Jun 2012 01:49:18 +0000 (21:49 -0400)
committerJeffrey Altman <jaltman@your-file-system.com>
Fri, 7 Dec 2012 00:41:12 +0000 (16:41 -0800)
The user's password is copied during the NPLogonNotify
processing, be sure to erase it from the stack before the
function completes.

Reviewed-on: http://gerrit.openafs.org/7632
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>
(cherry picked from commit 187af8d11350c2ff509244f216c72bdd4b88451a)

Change-Id: I40f52324067597e4eb96bfd7ed19f18e154ef8ee
Reviewed-on: http://gerrit.openafs.org/8632
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
src/WINNT/afsd/afslogon.c patch | blob | history

diff --git a/src/WINNT/afsd/afslogon.c b/src/WINNT/afsd/afslogon.c
index 16f98d89566d9ca528962b59ead184e71e730ea9..8f2d72389f3d11ad07463d048c8d05fc85bcfdab 100644 (file)
--- a/src/WINNT/afsd/afslogon.c
+++ b/src/WINNT/afsd/afslogon.c
@@ -1190,6 +1190,8 @@ DWORD APIENTRY NPLogonNotify(
     if (opt.smbName) free(opt.smbName);
     if (opt.realm) free(opt.realm);
 
+    SecureZeroMemory(password, sizeof(password));
+
     DebugEvent("AFS AfsLogon - Exit","Return Code[%x]",code);
     return code;
 }