From b6e4a367e2605da98d418bebcd44a2d0f913dab1 Mon Sep 17 00:00:00 2001
From: Jakob Kramer <jakob.kramer@gmx.de>
Date: Wed, 30 Apr 2014 14:15:26 +0200
Subject: [PATCH] su: zero out encrypted passwords

---
 su.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/su.c b/su.c
index c93d9c8..d24157a 100644
--- a/su.c
+++ b/su.c
@@ -86,6 +86,8 @@ main(int argc, char *argv[])
 
 		if (strcmp(cryptpass, spw->sp_pwdp) != 0)
 			eprintf(randreply());
+		explicit_bzero(cryptpass, strlen(cryptpass));
+		explicit_bzero(spw, sizeof *spw);
 	}
 
 	errno = 0;