From f5cae905ca1a9f686f80aea45a34cea50fec0534 Mon Sep 17 00:00:00 2001 From: modric Date: Thu, 17 Nov 2022 16:08:59 +0800 Subject: [PATCH] Fix memory leak of pass in converse(). --- plugins/sudoers/auth/pam.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/plugins/sudoers/auth/pam.c b/plugins/sudoers/auth/pam.c index dee9ea2..e90a4a6 100644 --- a/plugins/sudoers/auth/pam.c +++ b/plugins/sudoers/auth/pam.c @@ -703,6 +703,8 @@ converse(int num_msg, PAM_CONST struct pam_message **msg, "password longer than %d", PAM_MAX_RESP_SIZE); ret = PAM_CONV_ERR; memset_s(pass, SUDO_CONV_REPL_MAX, 0, strlen(pass)); + free(pass); + pass = NULL; goto done; } reply[n].resp = pass; /* auth_getpass() malloc's a copy */