ask-password: erase character read with _cleanup_
This is much nicer, since it means we erase the character regardless how we exit the scope.
This commit is contained in:
parent
d5d1ae153f
commit
e1ed99c8c8
|
@ -77,3 +77,8 @@ static inline void* explicit_bzero_safe(void *p, size_t l) {
|
||||||
#else
|
#else
|
||||||
void *explicit_bzero_safe(void *p, size_t l);
|
void *explicit_bzero_safe(void *p, size_t l);
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
|
/* Use with _cleanup_ to erase a single 'char' when leaving scope */
|
||||||
|
static inline void erase_char(char *p) {
|
||||||
|
explicit_bzero_safe(p, sizeof(char));
|
||||||
|
}
|
||||||
|
|
|
@ -306,9 +306,9 @@ int ask_password_tty(
|
||||||
};
|
};
|
||||||
|
|
||||||
for (;;) {
|
for (;;) {
|
||||||
|
_cleanup_(erase_char) char c;
|
||||||
int sleep_for = -1, k;
|
int sleep_for = -1, k;
|
||||||
ssize_t n;
|
ssize_t n;
|
||||||
char c;
|
|
||||||
|
|
||||||
if (until > 0) {
|
if (until > 0) {
|
||||||
usec_t y;
|
usec_t y;
|
||||||
|
@ -452,9 +452,6 @@ int ask_password_tty(
|
||||||
|
|
||||||
dirty = true;
|
dirty = true;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Let's forget this char, just to not keep needlessly copies of key material around */
|
|
||||||
c = 'x';
|
|
||||||
}
|
}
|
||||||
|
|
||||||
x = strndup(passphrase, p);
|
x = strndup(passphrase, p);
|
||||||
|
|
Loading…
Reference in New Issue