From fae64c97fb3a923eb2028539d035783548bc9fd7 Mon Sep 17 00:00:00 2001 From: Mattias Andrée Date: Sun, 17 Aug 2014 21:45:20 +0200 Subject: update manual MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Mattias Andrée --- info/libpassphrase.texinfo | 16 +++++++++++----- 1 file changed, 11 insertions(+), 5 deletions(-) diff --git a/info/libpassphrase.texinfo b/info/libpassphrase.texinfo index 7eaf9a5..bf1a2dd 100644 --- a/info/libpassphrase.texinfo +++ b/info/libpassphrase.texinfo @@ -133,6 +133,14 @@ saves all settings before changing them and @code{passphrase_reenable_echo} applies to saved settings. +@item void passphrase_wipe(char*, size_t) +When you are done using passhprase you should +erase it from the memory before freeing its +allocation. To do this securtly, call +@code{passphrase_wipe} with the passphase +as the first argument and the length of the +passphrase as the second argument. + @end table These three functions could be made into one @@ -150,12 +158,12 @@ been disabled. #include /* For libpassphrase */ #include /* For output */ #include /* For free */ +#include /* For strlen */ int main(int argc, char** argv) @{ /* Variables for the passphrase */ char* passphrase; - char* passphrase_; /* Hide the passphrase */ passphrase_disable_echo(); @@ -177,10 +185,8 @@ int main(int argc, char** argv) printf("You entered: %s\n", passphrase); /* Wipe and free the passphrase */ - passphrase_ = passphrase; - while (*passphrase) - *passphrase++ = 0; - free(passphrase_); + passphrase_wipe(passphrase, strlen(passphrase)); + free(passphrase); /* Stop hiding user input */ passphrase_reenable_echo(); -- cgit v1.2.3-70-g09d2