modules/crypto/pbkdf2v2: parse_dbentry: use less stack space

Also denote lack of need for zeroing potentially-sensitive information.

diff --git a/modules/crypto/pbkdf2v2.c b/modules/crypto/pbkdf2v2.c
index a5170983c86f2004c9ca18a9c2d61da3d2f1eb6a..00066c08e8476dc2ebea212a2d7f93602ffcb2a6 100644 (file)
--- a/modules/crypto/pbkdf2v2.c
+++ b/modules/crypto/pbkdf2v2.c
@@ -130,9 +130,9 @@ atheme_pbkdf2v2_determine_params(struct pbkdf2v2_dbentry *const restrict dbe)
 static bool
 atheme_pbkdf2v2_parse_dbentry(struct pbkdf2v2_dbentry *const restrict dbe, const char *const restrict parameters)
 {
-       char sdg64[0x1000];
-       char ssk64[0x1000];
-       char shk64[0x1000];
+       char sdg64[BUFSIZE];
+       char ssk64[BUFSIZE];
+       char shk64[BUFSIZE];
 
        bool retval = true;
 
@@ -202,6 +202,7 @@ atheme_pbkdf2v2_parse_dbentry(struct pbkdf2v2_dbentry *const restrict dbe, const
        (void) slog(LG_DEBUG, "%s: sscanf(3) was unsuccessful", MOWGLI_FUNC_NAME);
 
 err:
+       // No need to zero dbe, callers do that if this fails
        retval = false;
 
 done: