From c4404762701c7073e1f85d7f89834b5ddd59e749 Mon Sep 17 00:00:00 2001
From: Curtis McEnroe <june@causal.agency>
Date: Thu, 31 Oct 2019 19:04:43 -0400
Subject: Use explicit_bzero to clear passwords

GNU doesn't implement memset_s, but both FreeBSD and GNU implement
explicit_bzero. Darwin doesn't, so #define it in terms of memset_s.
---
 bounce.c | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)

(limited to 'bounce.c')

diff --git a/bounce.c b/bounce.c
index b89e90a..49bc0f9 100644
--- a/bounce.c
+++ b/bounce.c
@@ -14,7 +14,7 @@
  * along with this program.  If not, see <http://www.gnu.org/licenses/>.
  */
 
-#define __STDC_WANT_LIB_EXT1__ 1
+#include "bounce.h"
 
 #include <assert.h>
 #include <err.h>
@@ -26,6 +26,7 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
+#include <strings.h>
 #include <sys/file.h>
 #include <sys/socket.h>
 #include <sys/stat.h>
@@ -33,8 +34,6 @@
 #include <tls.h>
 #include <unistd.h>
 
-#include "bounce.h"
-
 #ifndef SIGINFO
 #define SIGINFO SIGUSR2
 #endif
@@ -197,8 +196,8 @@ int main(int argc, char *argv[]) {
 
 	int server = serverConnect(insecure, host, port);
 	stateLogin(pass, auth, nick, user, real);
-	if (pass) memset_s(pass, strlen(pass), 0, strlen(pass));
-	if (auth) memset_s(auth, strlen(auth), 0, strlen(auth));
+	if (pass) explicit_bzero(pass, strlen(pass));
+	if (auth) explicit_bzero(auth, strlen(auth));
 
 	while (!stateReady()) serverRecv();
 	serverFormat("AWAY :%s\r\n", away);
-- 
cgit 1.4.1

<td class='form'><form class='right' method='get' action='/src/log/home/.config/nvim/colors'>
<input type='hidden' name='id' value='aa5b7ab66dcbc15d4458f035987a4e84bb14dcd5'/><select name='qt'>
<option value='grep'>log msg</option>
<option value='author'>author</option>
<option value='committer'>committer</option>
<option value='range'>range</option>
</select>
<input class='txt' type='search' size='10' name='q' value=''/>
<input type='submit' value='search'/>
</form>
</td></tr></table>
<div class='path'>path: <a href='/src/log/?id=aa5b7ab66dcbc15d4458f035987a4e84bb14dcd5&amp;follow=1'>root</a>/<a href='/src/log/home?id=aa5b7ab66dcbc15d4458f035987a4e84bb14dcd5&amp;follow=1'>home</a>/<a href='/src/log/home/.config?id=aa5b7ab66dcbc15d4458f035987a4e84bb14dcd5&amp;follow=1'>.config</a>/<a href='/src/log/home/.config/nvim?id=aa5b7ab66dcbc15d4458f035987a4e84bb14dcd5&amp;follow=1'>nvim</a>/<a href='/src/log/home/.config/nvim/colors?id=aa5b7ab66dcbc15d4458f035987a4e84bb14dcd5&amp;follow=1'>colors</a> (<a href='/src/log/home/.config/nvim/colors?id=aa5b7ab66dcbc15d4458f035987a4e84bb14dcd5'>unfollow</a>)</div><div class='content'><table class='list nowrap'><tr class='nohover'><th></th><th class='left'>Commit message (<a href='/src/log/home/.config/nvim/colors?id=aa5b7ab66dcbc15d4458f035987a4e84bb14dcd5&amp;showmsg=1&amp;follow=1'>Expand</a>)</th><th class='left'>Author</th></tr>
<tr><td><span title='2018-09-08 01:15:55 -0400'>2018-09-08</span></td><td><a href='/src/commit/gfx/Makefile?id=cfbb67a437dd7d7ff95e5f21a77d2c4de2320f0b&amp;follow=1'>Link gfx man pages in ~/.local</a></td><td>June McEnroe