|
|
@@ -343,13 +343,12 @@ int u_pass_match(struct userrec *u, const char *in)
|
|
|
if (!strcmp(cmp, in))
|
|
|
return 1;
|
|
|
} else {
|
|
|
- char pass[MAXPASSLEN + 1] = "";
|
|
|
-
|
|
|
- strlcpy(pass, in, sizeof(pass));
|
|
|
+ char *pass = strdup(in), *pass_p = pass;
|
|
|
|
|
|
/* Pass the salted pass in so the same salt can be used */
|
|
|
int n = salted_sha1cmp(cmp, pass);
|
|
|
OPENSSL_cleanse(pass, sizeof(pass));
|
|
|
+ free(pass_p);
|
|
|
if (!n)
|
|
|
return 1;
|
|
|
}
|