commit 0340f74caa84a3843246d252ab64e3e802d14e20
author Jeff Garzik <jeff@garzik.org> Tue Apr 25 03:00:29 2006 -0400
committer Jeff Garzik <jeff@garzik.org> Tue Apr 25 03:00:29 2006 -0400
tree 4196fe775d027040694527507234255b970caaca
parent 4158bad935569acb91d0eb68923bb155ee9e16f5

Password-related bug fixes.

dbfs.h

diff --git a/dbfs.h b/dbfs.h
index b38ad11..02f7342 100644
--- a/dbfs.h
+++ b/dbfs.h
@@ -65,7 +65,7 @@
 
 struct dbfs {
 	const char		*home;
-	const char		*passwd;
+	char			*passwd;
 
 	DB_ENV			*env;
 	DB			*meta;

libdbfs.c

diff --git a/libdbfs.c b/libdbfs.c
index d0eb239..1c28f03 100644
--- a/libdbfs.c
+++ b/libdbfs.c
@@ -46,9 +46,9 @@
 			goto err_out;
 		}
 
-		/* this isn't a very good way to shroud the password */
-		if (putenv("DB_PASSWORD=X"))
-			perror("putenv (SECURITY WARNING)");
+		memset(fs->passwd, 0, strlen(fs->passwd));
+		free(fs->passwd);
+		fs->passwd = NULL;
 	}
 
 	/* init DB transactional environment, stored in directory db_home */
@@ -131,6 +131,8 @@
 	passwd = getenv("DB_PASSWORD");
 	if (passwd) {
 		fs->passwd = strdup(passwd);
+
+		/* this isn't a very good way to shroud the password */
 		if (putenv("DB_PASSWORD=X"))
 			perror("putenv DB_PASSWORD (SECURITY WARNING)");
 	}