From owner-dev-commits-src-all@freebsd.org Wed Mar 3 03:56:51 2021 Return-Path: Delivered-To: dev-commits-src-all@mailman.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.nyi.freebsd.org (Postfix) with ESMTP id EE1BF55BB75; Wed, 3 Mar 2021 03:56:51 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Dr0Yb6StWz4ZlD; Wed, 3 Mar 2021 03:56:51 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id D080A23032; Wed, 3 Mar 2021 03:56:51 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 1233upaa048362; Wed, 3 Mar 2021 03:56:51 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 1233upTF048361; Wed, 3 Mar 2021 03:56:51 GMT (envelope-from git) Date: Wed, 3 Mar 2021 03:56:51 GMT Message-Id: <202103030356.1233upTF048361@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Kyle Evans Subject: git: 852f70b24043 - main - init: use explicit_bzero() for clearing passwords MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: kevans X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 852f70b24043885f0e438e8fecedd482a9a96d5e Auto-Submitted: auto-generated X-BeenThere: dev-commits-src-all@freebsd.org X-Mailman-Version: 2.1.34 Precedence: list List-Id: Commit messages for all branches of the src repository List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 03 Mar 2021 03:56:52 -0000 The branch main has been updated by kevans: URL: https://cgit.FreeBSD.org/src/commit/?id=852f70b24043885f0e438e8fecedd482a9a96d5e commit 852f70b24043885f0e438e8fecedd482a9a96d5e Author: Kyle Evans AuthorDate: 2021-03-03 03:38:37 +0000 Commit: Kyle Evans CommitDate: 2021-03-03 03:55:41 +0000 init: use explicit_bzero() for clearing passwords This is a nop in practice, because it cannot be proven that this particular bzero() is not significant. Make it explicit anyways, rather than relying on an implementation detail of how the password is collected. Discussed with: Andrew Gierth --- sbin/init/init.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/sbin/init/init.c b/sbin/init/init.c index c5f3c121f7f9..943db9f26bd3 100644 --- a/sbin/init/init.c +++ b/sbin/init/init.c @@ -908,7 +908,7 @@ single_user(void) if (clear == NULL || *clear == '\0') _exit(0); password = crypt(clear, pp->pw_passwd); - bzero(clear, _PASSWORD_LEN); + explicit_bzero(clear, _PASSWORD_LEN); if (password != NULL && strcmp(password, pp->pw_passwd) == 0) break;