From 187af8d11350c2ff509244f216c72bdd4b88451a Mon Sep 17 00:00:00 2001
From: Jeffrey Altman <jaltman@your-file-system.com>
Date: Mon, 18 Jun 2012 21:49:18 -0400
Subject: [PATCH] Windows: NPLogonNotify secure erase password

The user's password is copied during the NPLogonNotify
processing, be sure to erase it from the stack before the
function completes.

Change-Id: Ib600f5656f7b32628e7105336ff0ffef8f15272f
Reviewed-on: http://gerrit.openafs.org/7632
Tested-by: BuildBot <buildbot@rampaginggeek.com>
Reviewed-by: Jeffrey Altman <jaltman@your-file-system.com>
Tested-by: Jeffrey Altman <jaltman@your-file-system.com>
---
 src/WINNT/afsd/afslogon.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/WINNT/afsd/afslogon.c b/src/WINNT/afsd/afslogon.c
index ab7cbfbe9..0138c62ce 100644
--- a/src/WINNT/afsd/afslogon.c
+++ b/src/WINNT/afsd/afslogon.c
@@ -1205,6 +1205,8 @@ NPLogonNotify(
     if (opt.smbName) free(opt.smbName);
     if (opt.realm) free(opt.realm);
 
+    SecureZeroMemory(password, sizeof(password));
+
     DebugEvent("AFS AfsLogon - Exit","Return Code[%x]",code);
     return code;
 }
-- 
2.39.5