From 2cf050d69e9cab45015619e48ea96993129bab44 Mon Sep 17 00:00:00 2001
From: Jakob Unterwurzacher
Date: Sun, 18 Feb 2018 15:22:22 +0100
Subject: main: zero password once we are done with it

Overwrite the password we have got from the user with zeros once we don't need it anymore, and make sure the variable runs out of scope.
---
 main.go | 15 ++++++++++++---
 1 file changed, 12 insertions(+), 3 deletions(-)
(limited to 'main.go')
diff --git a/main.go b/main.go
index ed5784f..ddb4f4e 100644
--- a/main.go
+++ b/main.go
@@ -49,6 +49,9 @@ func loadConfig(args *argContainer) (masterkey []byte, confFile *configfile.Conf
 pw := readpassword.Once(args.extpass)
 tlog.Info.Println("Decrypting master key")
 masterkey, confFile, err = configfile.LoadConfFile(args.config, pw)
+ for i := range pw {
+ pw[i] = 0
+ }
 }
 if err != nil {
 tlog.Fatal.Println(err)
@@ -64,9 +67,15 @@ func changePassword(args *argContainer) {
 exitcodes.Exit(err)
 }
 tlog.Info.Println("Please enter your new password.")
- newPw := readpassword.Twice(args.extpass)
- readpassword.CheckTrailingGarbage()
- confFile.EncryptKey(masterkey, newPw, confFile.ScryptObject.LogN())
+ {
+ newPw := readpassword.Twice(args.extpass)
+ readpassword.CheckTrailingGarbage()
+ confFile.EncryptKey(masterkey, newPw, confFile.ScryptObject.LogN())
+ for i := range newPw {
+ newPw[i] = 0
+ }
+ // newPw runs out of scope here
+ }
 // Are we resetting the password without knowing the old one using
 // "-masterkey"?
 if args.masterkey != "" {
-- cgit v1.2.3
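Review bot: The wipe added after `configfile.LoadConfFile(args.config, pw)` clears only this one slice, so it is best-effort: any copy that readpassword.Once or LoadConfFile makes internally (neither is visible here) keeps the password bytes until that memory is reused. A short comment above the loop would set expectations, for example `// Best-effort wipe: copies made by callees are not covered`. The same three-line loop is repeated in changePassword in the next hunk; a small helper such as `func zeroBytes(b []byte) { for i := range b { b[i] = 0 } }` would keep the two sites in sync. loadConfig's body starts and ends outside the hunk.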
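Review bot: The comment `// newPw runs out of scope here` can be read as saying that leaving scope releases the secret, but in Go it is the explicit zero loop that clears the bytes; the bare block only stops later code in changePassword from reusing newPw. I would reword it to `// newPw is zeroed above; the block keeps later code from reusing it`. Separately, masterkey is passed to EncryptKey in the same block and is not wiped anywhere in this hunk. The function continues past the hunk, so it may still be needed there, but it is worth confirming that it gets the same treatment after its last use.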