Zero out server password after sending

Also send it directly using ircSend to avoid copying it and logging it to <debug>.
author: June McEnroe <june@causal.agency> 2021-07-04 16:55:12 -0400
committer: June McEnroe <june@causal.agency> 2021-07-13 15:16:22 -0400
commit: c76d76205fb056b7b0d96c97b991a299dc080417 (patch)
tree: 8a13ae81074f6152a0fc263b94d0e9e3de9be482
parent: Make -o/printCert not load any files, pledge even earlier (diff)
download: catgirl-c76d76205fb056b7b0d96c97b991a299dc080417.tar.gz
catgirl-c76d76205fb056b7b0d96c97b991a299dc080417.zip
1 files changed, 7 insertions, 2 deletions
diff --git a/chat.c b/chat.c
index 7bd68e0..5d9ad5e 100644
--- a/chat.c
+++ b/chat.c
@@ -150,7 +150,7 @@ int main(int argc, char *argv[]) {
 
 	bool log = false;
 	bool sasl = false;
-	const char *pass = NULL;
+	char *pass = NULL;
 	const char *nick = NULL;
 	const char *user = NULL;
 	const char *real = NULL;
@@ -344,7 +344,12 @@ int main(int argc, char *argv[]) {
 	}
 #endif
 
-	if (pass) ircFormat("PASS :%s\r\n", pass);
+	if (pass) {
+		ircFormat("PASS :");
+		ircSend(pass, strlen(pass));
+		ircFormat("\r\n");
+		explicit_bzero(pass, strlen(pass));
+	}
 	if (sasl) ircFormat("CAP REQ :sasl\r\n");
 	ircFormat("CAP LS\r\n");
 	ircFormat("NICK :%s\r\n", nick);
author	June McEnroe <june@causal.agency>	2021-07-04 16:55:12 -0400
committer	June McEnroe <june@causal.agency>	2021-07-13 15:16:22 -0400
commit	c76d76205fb056b7b0d96c97b991a299dc080417 (patch)
tree	8a13ae81074f6152a0fc263b94d0e9e3de9be482
parent	Make -o/printCert not load any files, pledge even earlier (diff)
download	catgirl-c76d76205fb056b7b0d96c97b991a299dc080417.tar.gz catgirl-c76d76205fb056b7b0d96c97b991a299dc080417.zip