summary refs log tree commit diff
diff options
context:
space:
mode:
authorC. McEnroe2021-07-04 16:55:12 -0400
committerC. McEnroe2021-07-13 15:16:22 -0400
commitc76d76205fb056b7b0d96c97b991a299dc080417 (patch)
tree8a13ae81074f6152a0fc263b94d0e9e3de9be482
parent9559fe9d23351f0952f47a83ddae9d18b45b8406 (diff)
Zero out server password after sending
Also send it directly using ircSend to avoid copying it and logging
it to <debug>.
-rw-r--r--chat.c9
1 files changed, 7 insertions, 2 deletions
diff --git a/chat.c b/chat.c
index 7bd68e0..5d9ad5e 100644
--- a/chat.c
+++ b/chat.c
@@ -150,7 +150,7 @@ int main(int argc, char *argv[]) {
 
 	bool log = false;
 	bool sasl = false;
-	const char *pass = NULL;
+	char *pass = NULL;
 	const char *nick = NULL;
 	const char *user = NULL;
 	const char *real = NULL;
@@ -344,7 +344,12 @@ int main(int argc, char *argv[]) {
 	}
 #endif
 
-	if (pass) ircFormat("PASS :%s\r\n", pass);
+	if (pass) {
+		ircFormat("PASS :");
+		ircSend(pass, strlen(pass));
+		ircFormat("\r\n");
+		explicit_bzero(pass, strlen(pass));
+	}
 	if (sasl) ircFormat("CAP REQ :sasl\r\n");
 	ircFormat("CAP LS\r\n");
 	ircFormat("NICK :%s\r\n", nick);