After processing the argument to the 'password' option, this
overwrites the original argument on the stack with '?' characters,
and for good measure makes the argument pointer point to a constant
string "********" so as not to reveal the length of the password.
This is so that tools such as ps don't show the actual password
when displaying the process arguments. Nevertheless, it is still
better to get the password from a file, since there is inevitably
still a window of time when the password would be visible.
Signed-off-by: Paul Mackerras <paulus@ozlabs.org>
free(*optptr);
*optptr = sv;
}
+ /* obfuscate original argument for things like password */
+ if (opt->flags & OPT_HIDE) {
+ memset(*argv, '?', strlen(*argv));
+ *argv = "********";
+ }
break;
case o_special_noarg: