libcli:auth: Keep passwords from convert_string_talloc() secret

author Joseph Sutton <josephsutton@catalyst.net.nz>

Tue, 2 Aug 2022 02:35:50 +0000 (14:35 +1200)

committer Andrew Bartlett <abartlet@samba.org>

Mon, 12 Sep 2022 23:07:38 +0000 (23:07 +0000)
author Joseph Sutton <josephsutton@catalyst.net.nz>
Tue, 2 Aug 2022 02:35:50 +0000 (14:35 +1200)
committer Andrew Bartlett <abartlet@samba.org>
Mon, 12 Sep 2022 23:07:38 +0000 (23:07 +0000)
diff --git a/libcli/auth/smbencrypt.c b/libcli/auth/smbencrypt.c

index 7abf6613d80c82a2d1bb230d04e318e601804070..8492202ea93ac1e4fd0b319c7e8ae2deda0e7126 100644 (file)
--- a/libcli/auth/smbencrypt.c
+++ b/libcli/auth/smbencrypt.c
@@ -975,6 +975,7 @@ bool decode_pw_buffer(TALLOC_CTX *ctx,
                 DBG_ERR("Failed to convert incoming password\n");
                 return false;
         }
+       talloc_keep_secret(*pp_new_pwrd);
  
  #ifdef DEBUG_PASSWORD
         DEBUG(100,("decode_pw_buffer: new_pwrd: "));
@@ -1067,6 +1068,7 @@ bool decode_pwd_string_from_buffer514(TALLOC_CTX *mem_ctx,
         if (!ok) {
                 return false;
         }
+       talloc_keep_secret(decoded_password->data);
  
         return true;
  }
author	Joseph Sutton <josephsutton@catalyst.net.nz>
	Tue, 2 Aug 2022 02:35:50 +0000 (14:35 +1200)
committer	Andrew Bartlett <abartlet@samba.org>
	Mon, 12 Sep 2022 23:07:38 +0000 (23:07 +0000)