clear response from memory

author: Christian Hesse <mail@eworm.de> 2014-03-15 14:34:47 +0100
committer: Christian Hesse <mail@eworm.de> 2014-03-15 14:34:47 +0100
commit: ae8f68b24660be2f55730d886df7467e31b7828a (patch)
tree: cb865a8ddc41d6d8c13b154292a381e97e58b221 /udev/ykfde.c
parent: c282e422808cbec2acfb32f7ba2db71b55081cc2 (diff)
download: mkinitcpio-ykfde-ae8f68b24660be2f55730d886df7467e31b7828a.tar.gz
mkinitcpio-ykfde-ae8f68b24660be2f55730d886df7467e31b7828a.tar.zst
1 files changed, 5 insertions, 1 deletions
diff --git a/udev/ykfde.c b/udev/ykfde.c
index 8e92ba9..35000d6 100644
--- a/udev/ykfde.c
+++ b/udev/ykfde.c
@@ -102,7 +102,7 @@ int main(int argc, char **argv) {
 	/* Yubikey */
 	YK_KEY * yk;
 	uint8_t slot = SLOT_CHAL_HMAC2;
-	unsigned char response[64];
+	unsigned char response[SHA1_MAX_BLOCK_SIZE];
 	unsigned char response_hex[(SHA1_MAX_BLOCK_SIZE * 2) + 1];
 	char response_askpass[(SHA1_MAX_BLOCK_SIZE * 2) + 2];
 	/* iniparser */
@@ -230,6 +230,10 @@ out60:
 	closedir(dir);
 
 out50:
+	memset(response, 0, sizeof(response));
+	memset(response_hex, 0, sizeof(response_hex));
+	memset(response_askpass, 0, sizeof(response_askpass));
+
 	if (!yk_close_key(yk))
 		perror("yk_close_key() failed");
author	Christian Hesse <mail@eworm.de>	2014-03-15 14:34:47 +0100
committer	Christian Hesse <mail@eworm.de>	2014-03-15 14:34:47 +0100
commit	ae8f68b24660be2f55730d886df7467e31b7828a (patch)
tree	cb865a8ddc41d6d8c13b154292a381e97e58b221 /udev/ykfde.c
parent	c282e422808cbec2acfb32f7ba2db71b55081cc2 (diff)
download	mkinitcpio-ykfde-ae8f68b24660be2f55730d886df7467e31b7828a.tar.gz mkinitcpio-ykfde-ae8f68b24660be2f55730d886df7467e31b7828a.tar.zst