From 3d29861e86e2044dc4dfbf6f2615c3e567c7a4f6 Mon Sep 17 00:00:00 2001
From: Arthur de Jong <arthur@arthurdejong.org>
Date: Wed, 14 May 2014 21:29:38 +0200
Subject: Clear buffers before free-ing

This clears most buffers that may hold credentials at one point before
free()ing the memory.
---
 common/tio.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'common')

diff --git a/common/tio.c b/common/tio.c
index 1ec1381..910d6f8 100644
--- a/common/tio.c
+++ b/common/tio.c
@@ -2,7 +2,7 @@
    tio.c - timed io functions
    This file is part of the nss-pam-ldapd library.
 
-   Copyright (C) 2007, 2008, 2010, 2011, 2012, 2013 Arthur de Jong
+   Copyright (C) 2007-2014 Arthur de Jong
 
    This library is free software; you can redistribute it and/or
    modify it under the terms of the GNU Lesser General Public
@@ -485,6 +485,8 @@ int tio_close(TFILE *fp)
   if (close(fp->fd))
     retv = -1;
   /* free any allocated buffers */
+  memset(fp->readbuffer.buffer, 0, sizeof(fp->readbuffer.size));
+  memset(fp->writebuffer.buffer, 0, sizeof(fp->writebuffer.size));
   free(fp->readbuffer.buffer);
   free(fp->writebuffer.buffer);
   /* free the tio struct itself */
-- 
cgit v1.2.3