gsasl authenticator: do not try to clear server password after use, if

[exim.git] / src / src / auths / gsasl_exim.c

diff --git a/src/src/auths/gsasl_exim.c b/src/src/auths/gsasl_exim.c
index 7f9cc32957c072ca30f518a1a5d728aa90692f19..479d01a29daa1a9a4cd0996f528ad3240e2cc877 100644 (file)
--- a/src/src/auths/gsasl_exim.c
+++ b/src/src/auths/gsasl_exim.c
@@ -757,7 +757,7 @@ switch (prop)
     for memory wiping, so expanding strings will leave stuff laying around.
     But no need to compound the problem, so get rid of the one we can. */
 
-    memset(tmps, '\0', strlen(tmps));
+    if (US tmps != s) memset(tmps, '\0', strlen(tmps));
     cbrc = GSASL_OK;
     break;