From 37bd6612bdffabe6d8a588b391bd353c39497abb Mon Sep 17 00:00:00 2001
From: tedu <tedu>
Date: Thu, 17 Jan 2019 05:35:35 +0000
Subject: [PATCH] clear the password even after a mismatch

---
 doas.c | 1 +
 1 file changed, 1 insertion(+)

diff --git a/doas.c b/doas.c
index a327136..6223aff 100644
--- a/doas.c
+++ b/doas.c
@@ -234,6 +234,7 @@ authuser(char *myname, char *login_style, int persist)
 		errx(1, "a tty is required");
 	}
 	if (!auth_userresponse(as, response, 0)) {
+		explicit_bzero(rbuf, sizeof(rbuf));
 		syslog(LOG_AUTHPRIV | LOG_NOTICE,
 		    "failed auth for %s", myname);
 		errx(1, "Authorization failed");
-- 
2.39.2