From 4858529b0c2a0d95e52f0afa32f59300e11344d1 Mon Sep 17 00:00:00 2001
From: jacob <jacob@cda61777-01e9-0310-a592-d414129be87e>
Date: Sun, 25 Feb 2007 02:15:20 +0000
Subject: [PATCH] Attempt to scrub -pw's argument in argv[], to make it less
 obvious.

git-svn-id: svn://svn.tartarus.org/sgt/putty@7323 cda61777-01e9-0310-a592-d414129be87e
---
 cmdline.c | 11 ++++++++---
 1 file changed, 8 insertions(+), 3 deletions(-)

diff --git a/cmdline.c b/cmdline.c
index bdfa1aa2..033df64a 100644
--- a/cmdline.c
+++ b/cmdline.c
@@ -319,10 +319,15 @@ int cmdline_process_param(char *p, char *value, int need_save, Config *cfg)
 	/* We delay evaluating this until after the protocol is decided,
 	 * so that we can warn if it's of no use with the selected protocol */
 	if (cfg->protocol != PROT_SSH)
-	    cmdline_error("The -pw option can only be used with the "
+	    cmdline_error("the -pw option can only be used with the "
 			  "SSH protocol");
-	else
-	    cmdline_password = value;
+	else {
+	    cmdline_password = dupstr(value);
+	    /* Assuming that `value' is directly from argv, make a good faith
+	     * attempt to trample it, to stop it showing up in `ps' output
+	     * on Unix-like systems. Not guaranteed, of course. */
+	    memset(value, 0, strlen(value));
+	}
     }
 
     if (!strcmp(p, "-agent") || !strcmp(p, "-pagent") ||
-- 
2.11.0