gsasl authenticator: do not try to clear server password after use, if

author Jeremy Harris <jgh146exb@wizmail.org>

Mon, 17 May 2021 11:40:51 +0000 (12:40 +0100)

committer Jeremy Harris <jgh146exb@wizmail.org>

Sun, 27 Jun 2021 23:30:03 +0000 (00:30 +0100)
author Jeremy Harris <jgh146exb@wizmail.org>
Mon, 17 May 2021 11:40:51 +0000 (12:40 +0100)
committer Jeremy Harris <jgh146exb@wizmail.org>
Sun, 27 Jun 2021 23:30:03 +0000 (00:30 +0100)
diff --git a/src/src/auths/gsasl_exim.c b/src/src/auths/gsasl_exim.c

index 7f9cc32957c072ca30f518a1a5d728aa90692f19..479d01a29daa1a9a4cd0996f528ad3240e2cc877 100644 (file)
--- a/src/src/auths/gsasl_exim.c
+++ b/src/src/auths/gsasl_exim.c
@@ -757,7 +757,7 @@ switch (prop)
      for memory wiping, so expanding strings will leave stuff laying around.
      But no need to compound the problem, so get rid of the one we can. */
  
-    memset(tmps, '\0', strlen(tmps));
+    if (US tmps != s) memset(tmps, '\0', strlen(tmps));
      cbrc = GSASL_OK;
      break;
author	Jeremy Harris <jgh146exb@wizmail.org>
	Mon, 17 May 2021 11:40:51 +0000 (12:40 +0100)
committer	Jeremy Harris <jgh146exb@wizmail.org>
	Sun, 27 Jun 2021 23:30:03 +0000 (00:30 +0100)