Use memset_s to clear auth password.

There is a possibility that memset is optimised away, which would be problematic when clearing the password. Thus we replace memset with memset_s which has a far stricter language preventing this optimisation.
trilogy-libraries · Jul 19, 2023 · 6b3676a · 6b3676a
1 parent 640f990
commit 6b3676a
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/src/client.c b/src/client.c
@@ -417,7 +417,7 @@ int trilogy_auth_switch_send(trilogy_conn_t *conn, const trilogy_handshake_t *ha
 void trilogy_auth_clear_password(trilogy_conn_t *conn)
 {
     if (conn->socket->opts.password) {
-        memset(conn->socket->opts.password, 0, conn->socket->opts.password_len);
+        memset_s(conn->socket->opts.password, conn->socket->opts.password_len, 0, conn->socket->opts.password_len);
     }
 }