Clear passwords from memory with memset_s

author: June McEnroe <june@causal.agency> 2019-10-31 17:45:02 -0400
committer: June McEnroe <june@causal.agency> 2019-10-31 17:45:02 -0400
commit: 750be17704654f93a16ef4fc36405ba3abb5f493 (patch)
tree: dd74df6cb3d2bd2cdc27245e800994cf720159c4 /bounce.c
parent: Clean up cert path documentation (diff)
download: pounce-750be17704654f93a16ef4fc36405ba3abb5f493.tar.gz
pounce-750be17704654f93a16ef4fc36405ba3abb5f493.zip
1 files changed, 7 insertions, 2 deletions
diff --git a/bounce.c b/bounce.c
index aa1cecc..cc6b34f 100644
--- a/bounce.c
+++ b/bounce.c
@@ -14,6 +14,8 @@
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
 
+#define __STDC_WANT_LIB_EXT1__ 1
+
 #include <assert.h>
 #include <err.h>
 #include <errno.h>
@@ -107,8 +109,8 @@ int main(int argc, char *argv[]) {
 	bool insecure = false;
 	const char *host = NULL;
 	const char *port = "6697";
-	const char *pass = NULL;
-	const char *auth = NULL;
+	char *pass = NULL;
+	char *auth = NULL;
 	const char *nick = NULL;
 	const char *user = NULL;
 	const char *real = NULL;
@@ -195,6 +197,9 @@ int main(int argc, char *argv[]) {
 
 	int server = serverConnect(insecure, host, port);
 	stateLogin(pass, auth, nick, user, real);
+	if (pass) memset_s(pass, strlen(pass), 0, strlen(pass));
+	if (auth) memset_s(auth, strlen(auth), 0, strlen(auth));
+
 	while (!stateReady()) serverRecv();
 	serverFormat("AWAY :%s\r\n", away);
 	if (join) serverFormat("JOIN :%s\r\n", join);
author	June McEnroe <june@causal.agency>	2019-10-31 17:45:02 -0400
committer	June McEnroe <june@causal.agency>	2019-10-31 17:45:02 -0400
commit	750be17704654f93a16ef4fc36405ba3abb5f493 (patch)
tree	dd74df6cb3d2bd2cdc27245e800994cf720159c4 /bounce.c
parent	Clean up cert path documentation (diff)
download	pounce-750be17704654f93a16ef4fc36405ba3abb5f493.tar.gz pounce-750be17704654f93a16ef4fc36405ba3abb5f493.zip