From 1921b89c48680ec0a180adeaab26a23c3e5a3f72 Mon Sep 17 00:00:00 2001
From: Mounir IDRASSI <mounir.idrassi@idrix.fr>
Date: Thu, 28 Nov 2019 18:36:36 +0100
Subject: Fix F5 showing previous password after failed authentication attempt.
 Ensure that even wrong password value are cleared from memory.

---
 Library/VeraCryptLib/DcsVeraCrypt.c | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'Library/VeraCryptLib/DcsVeraCrypt.c')

diff --git a/Library/VeraCryptLib/DcsVeraCrypt.c b/Library/VeraCryptLib/DcsVeraCrypt.c
index c3e8a39..b99ed0b 100644
--- a/Library/VeraCryptLib/DcsVeraCrypt.c
+++ b/Library/VeraCryptLib/DcsVeraCrypt.c
@@ -400,9 +400,11 @@ VCAskPwd(
 VOID
 VCAuthAsk() 
 {
+	MEM_BURN(&gAuthPassword, sizeof(gAuthPassword));
 	VCAskPwd(AskPwdLogin, &gAuthPassword);
 
 	if ((gAuthPwdCode == AskPwdRetCancel) || (gAuthPwdCode == AskPwdRetTimeout)) {
+		MEM_BURN(&gAuthPassword, sizeof(gAuthPassword));
 		return;
 	}
 
-- 
cgit v1.2.3