Missing ForceZero on plaintext password copy

ejohnstown · ejohnstown · commit 4c07eb95022f · 2026-03-03T11:30:08.000-08:00
When a copy of the user's password is freed, it wasn't getting force
zeroed. It might still exist in the heap after getting freed.  Added
a call to `ForceZero()`.

Affected function: CheckPasswordUnix.
diff --git a/apps/wolfsshd/auth.c b/apps/wolfsshd/auth.c
@@ -430,6 +430,7 @@ static int CheckPasswordUnix(const char* usr, const byte* pw, word32 pwSz, WOLFS
     }
 
     if (pwStr != NULL) {
+        ForceZero(pwStr, pwSz + 1);
         WFREE(pwStr, NULL, DYNTYPE_STRING);
     }
     if (storedHashCpy != NULL) {

Original file line number	Diff line number	Diff line change
`@@ -430,6 +430,7 @@ static int CheckPasswordUnix(const char* usr, const byte* pw, word32 pwSz, WOLFS`
`430`	`430`	`}`
`431`	`431`
`432`	`432`	`if (pwStr != NULL) {`
	`433`	`+ ForceZero(pwStr, pwSz + 1);`
`433`	`434`	`WFREE(pwStr, NULL, DYNTYPE_STRING);`
`434`	`435`	`}`
`435`	`436`	`if (storedHashCpy != NULL) {`