1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
|
From 2c334fd36f80cb91cc42e4b978b10aa35e0df236 Mon Sep 17 00:00:00 2001
From: "dtucker@openbsd.org" <dtucker@openbsd.org>
Date: Fri, 27 May 2022 04:29:40 +0000
Subject: upstream: f sshpkt functions fail, then password is not cleared
with freezero. Unconditionally call freezero to guarantee that password is
removed from RAM.
From tobias@ and c3h2_ctf via github PR#286, ok djm@
OpenBSD-Commit-ID: 6b093619c9515328e25b0f8093779c52402c89cd
Conflict:NA
Reference:https://anongit.mindrot.org/openssh.git/commit?id=2c334fd36f80cb91cc42e4b978b10aa35e0df236
---
auth2-passwd.c | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/auth2-passwd.c b/auth2-passwd.c
index be4b860..1d80481 100644
--- a/auth2-passwd.c
+++ b/auth2-passwd.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: auth2-passwd.c,v 1.19 2020/10/18 11:32:01 djm Exp $ */
+/* $OpenBSD: auth2-passwd.c,v 1.21 2022/05/27 04:29:40 dtucker Exp $ */
/*
* Copyright (c) 2000 Markus Friedl. All rights reserved.
*
@@ -51,16 +51,18 @@ extern ServerOptions options;
static int
userauth_passwd(struct ssh *ssh)
{
- char *password;
+ char *password = NULL;
int authenticated = 0, r;
u_char change;
- size_t len;
+ size_t len = 0;
if ((r = sshpkt_get_u8(ssh, &change)) != 0 ||
(r = sshpkt_get_cstring(ssh, &password, &len)) != 0 ||
(change && (r = sshpkt_get_cstring(ssh, NULL, NULL)) != 0) ||
- (r = sshpkt_get_end(ssh)) != 0)
+ (r = sshpkt_get_end(ssh)) != 0) {
+ freezero(password, len);
fatal_fr(r, "parse packet");
+ }
if (change)
logit("password change not supported");
--
2.33.0
|
