From 1409c1b3e8a10189f89c4f50609cd5d1c8221385 Mon Sep 17 00:00:00 2001
From: simon <simon@cda61777-01e9-0310-a592-d414129be87e>
Date: Thu, 9 Jan 2003 17:33:49 +0000
Subject: [PATCH] Yikes! Forgot to zero the password after SSH2 PW
 authentication.

git-svn-id: svn://svn.tartarus.org/sgt/putty@2512 cda61777-01e9-0310-a592-d414129be87e
---
 ssh.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/ssh.c b/ssh.c
index 24617b1c..eac31128 100644
--- a/ssh.c
+++ b/ssh.c
@@ -4942,6 +4942,7 @@ static void do_ssh2_authconn(Ssh ssh, unsigned char *in, int inlen, int ispkt)
 		ssh2_pkt_addstring(ssh, "password");
 		ssh2_pkt_addbool(ssh, FALSE);
 		ssh2_pkt_addstring(ssh, s->password);
+		memset(s->password, 0, sizeof(s->password));
 		ssh2_pkt_defer(ssh);
 		/*
 		 * We'll include a string that's an exact multiple of the
-- 
2.11.0