This currently new function will be part of glibc 2.25. Reference: https://sourceware.org/git/?p=glibc.git;a=commit;h=ea1bd74defcf9d5291d14972e63105168ca9eb4f Signed-off-by: Sami Kerola <kerolasa@xxxxxx> --- configure.ac | 1 + login-utils/newgrp.c | 6 ++++++ 2 files changed, 7 insertions(+) diff --git a/configure.ac b/configure.ac index 796364f71..c50f07a47 100644 --- a/configure.ac +++ b/configure.ac @@ -379,6 +379,7 @@ AC_CHECK_FUNCS([ \ __secure_getenv \ err \ errx \ + explicit_bzero \ fsync \ utimensat \ getdomainname \ diff --git a/login-utils/newgrp.c b/login-utils/newgrp.c index 367333ec3..63a45cd6a 100644 --- a/login-utils/newgrp.c +++ b/login-utils/newgrp.c @@ -60,6 +60,7 @@ static char *xgetpass(FILE *input, const char *prompt) return pass; } +#ifndef HAVE_EXPLICIT_BZERO /* Ensure memory is set to value c without compiler optimization getting * into way that could happen with memset(3). */ static int xmemset_s(void *v, size_t sz, const int c) @@ -72,6 +73,7 @@ static int xmemset_s(void *v, size_t sz, const int c) *p++ = c; return 0; } +#endif /* try to read password from gshadow */ static char *get_gshadow_pwd(const char *groupname) @@ -148,7 +150,11 @@ static int allow_setgid(const struct passwd *pe, const struct group *ge) if (pwd && *pwd && (xpwd = xgetpass(stdin, _("Password: ")))) { char *cbuf = crypt(xpwd, pwd); +#ifdef HAVE_EXPLICIT_BZERO + explicit_bzero(xpwd, strlen(xpwd)); +#else xmemset_s(xpwd, strlen(xpwd), 0); +#endif free(xpwd); if (!cbuf) warn(_("crypt failed")); -- 2.11.0 -- To unsubscribe from this list: send the line "unsubscribe util-linux" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
