r13525: This is only a cleanup to have the memset() and SAFE_FREE() only one

time in the code.

Even if we now have an additional if statement after the free I prefer
this solution in opposite to the duplicated code we had before.

diff --git a/source/utils/pdbedit.c b/source/utils/pdbedit.c
index 1423d9486d57b11306bcbd41f1f46d099ba37f25..a098039cd07996cc18e13f2f3b7d911b5b91c32d 100644 (file)
--- a/source/utils/pdbedit.c
+++ b/source/utils/pdbedit.c
@@ -400,6 +400,7 @@ static int new_user (struct pdb_methods *in, const char *username,
        SAM_ACCOUNT *sam_pwent=NULL;
 
        char *password1, *password2;
+       int rc_pwd_cmp;
 
        get_global_sam_sid();
 
@@ -410,22 +411,22 @@ static int new_user (struct pdb_methods *in, const char *username,
 
        password1 = get_pass( "new password:", stdin_get);
        password2 = get_pass( "retype new password:", stdin_get);
-       if (strcmp (password1, password2)) {
-               fprintf (stderr, "Passwords does not match!\n");
-               memset(password1, 0, strlen(password1));
-               SAFE_FREE(password1);
-               memset(password2, 0, strlen(password2));
-               SAFE_FREE(password2);
+       if ((rc_pwd_cmp = strcmp (password1, password2))) {
+               fprintf (stderr, "Passwords do not match!\n");
                pdb_free_sam (&sam_pwent);
-               return -1;
+       } else {
+               pdb_set_plaintext_passwd(sam_pwent, password1);
        }
 
-       pdb_set_plaintext_passwd(sam_pwent, password1);
        memset(password1, 0, strlen(password1));
        SAFE_FREE(password1);
        memset(password2, 0, strlen(password2));
        SAFE_FREE(password2);
 
+       /* pwds do _not_ match? */
+       if (rc_pwd_cmp)
+               return -1;
+
        if (fullname)
                pdb_set_fullname(sam_pwent, fullname, PDB_CHANGED);
        if (homedir)