nhyatt/putty-source
1
0
Fork 0
mirror of https://git.tartarus.org/simon/putty.git synced 2025-01-25 01:02:24 +00:00
Code Issues Projects Releases Wiki Activity

Yikes! Forgot to zero the password after SSH2 PW authentication.

Browse Source 
[originally from svn r2512]
This commit is contained in:
Simon Tatham 2003-01-09 17:33:49 +00:00
parent c601d72463
commit 10c1d43ac6
1 changed files with 1 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
ssh.c
View File

@ -4942,6 +4942,7 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen, int ispkt)
ssh2_pkt_addstring(ssh, "password");
ssh2_pkt_addbool(ssh, FALSE);
ssh2_pkt_addstring(ssh, s->password);
memset(s->password, 0, sizeof(s->password));
ssh2_pkt_defer(ssh);
/*
* We'll include a string that's an exact multiple of the