From c4404762701c7073e1f85d7f89834b5ddd59e749 Mon Sep 17 00:00:00 2001
From: Curtis McEnroe
Date: Thu, 31 Oct 2019 19:04:43 -0400
Subject: Use explicit_bzero to clear passwords
GNU doesn't implement memset_s, but both FreeBSD and GNU implement explicit_bzero. Darwin doesn't, so #define it in terms of memset_s.
---
 state.c | 7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)
(limited to 'state.c')
diff --git a/state.c b/state.c
index 37df845..c980ad7 100644
--- a/state.c
+++ b/state.c
@@ -14,7 +14,7 @@
 * along with this program. If not, see .
 */
-#define __STDC_WANT_LIB_EXT1__ 1
+#include "bounce.h"
 #include
 #include
@@ -22,10 +22,9 @@
 #include
 #include
 #include
+#include
 #include
-#include "bounce.h"
-
 typedef void Handler(struct Message *msg);
 static void require(const struct Message *msg, bool origin, size_t len) {
@@ -101,7 +100,7 @@ static void handleAuthenticate(struct Message *msg) {
 (void)msg;
 if (!plainBase64) errx(EX_PROTOCOL, "unsolicited AUTHENTICATE");
 serverFormat("AUTHENTICATE %s\r\n", plainBase64);
- memset_s(plainBase64, strlen(plainBase64), 0, strlen(plainBase64));
+ explicit_bzero(plainBase64, strlen(plainBase64));
 free(plainBase64);
 plainBase64 = NULL;
 }
-- cgit 1.4.1
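Review bot: Nothing on the new `#include "bounce.h"` line in the first hunk says why it now has to come before the system headers, so a later include re-sort could undo the ordering unnoticed. The commit message says Darwin gets explicit_bzero as a #define in terms of memset_s; bounce.h is not part of this diff, but if that macro and the `__STDC_WANT_LIB_EXT1__` definition removed here now live in it, the header only works when it is seen before the string header. I would add a comment on the line, for example `/* Must stay first: sets feature-test macros and the explicit_bzero fallback. */`, and confirm on macOS that the call resolves to memset_s rather than to an implicit declaration.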
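Review bot: The new `explicit_bzero(plainBase64, strlen(plainBase64));` in handleAuthenticate wipes only the heap copy, while the line just above it, `serverFormat("AUTHENTICATE %s\r\n", plainBase64);`, has already formatted the same credential into whatever buffer serverFormat writes from. serverFormat is defined outside this diff, so this is inferred, but if it uses a local or static buffer that copy outlives the wipe and stays recoverable from a core dump or swap; it should be cleared the same way once the write is done, e.g. `explicit_bzero(buf, sizeof(buf));` with `buf` standing for that function's own buffer. A short comment above the wipe, such as `/* Scrub the password before free(); a plain memset may be optimised away. */`, would record why this is not an ordinary memset. The function's signature is visible only in the hunk header; the rest of its body is inside the hunk.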