* ttyio.c (do_get): Assume that anything read from the user without

echoing to the screen is sensitive and put it in secure memory. Suggested by Benjamin Bennett.
2025-01-21 14:47:03 +01:00 · 2007-02-01 04:21:07 +00:00 · 2007-02-01 04:21:07 +00:00 · 67c18b8c3c
commit 67c18b8c3c
parent ef9e1b5fbc
2 changed files with 8 additions and 1 deletions
--- a/util/ChangeLog
+++ b/util/ChangeLog
@ -1,3 +1,9 @@
+2007-01-31  David Shaw  <dshaw@jabberwocky.com>
+
+	* ttyio.c (do_get): Assume that anything read from the user
+	without echoing to the screen is sensitive and put it in secure
+	memory.  Suggested by Benjamin Bennett.
+
 2006-12-14  Werner Koch  <wk@g10code.com>

 	* http.c (http_wait_response): No more shutdown.  Fixes bug#739.
--- a/util/ttyio.c
+++ b/util/ttyio.c
@ -405,7 +405,8 @@ do_get( const char *prompt, int hidden )
 	init_ttyfp();

    last_prompt_len = 0;
-    buf = xmalloc(n=50);
+    n = 50;
+    buf = hidden ? xmalloc_secure(n) : xmalloc(n);
    i = 0;

 #ifdef _WIN32 /* windoze version */