aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--fetchmail.c31
1 files changed, 16 insertions, 15 deletions
diff --git a/fetchmail.c b/fetchmail.c
index 172abc99..1e6f7b1b 100644
--- a/fetchmail.c
+++ b/fetchmail.c
@@ -713,21 +713,6 @@ void termhook(int sig)
{
struct query *ctl;
- /*
- * Craig Metz, the RFC1938 one-time-password guy, points out:
- * "Remember that most kernels don't zero pages before handing them to the
- * next process and many kernels share pages between user and kernel space.
- * You'd be very surprised what you can find from a short program to do a
- * malloc() and then dump the contents of the pages you got. By zeroing
- * the secrets at end of run (earlier if you can), you make sure the next
- * guy can't get the password/pass phrase."
- *
- * Right you are, Craig!
- */
- for (ctl = querylist; ctl; ctl = ctl->next)
- if (ctl->password)
- memset(ctl->password, '\0', strlen(ctl->password));
-
/*
* Sending SMTP QUIT on signal is theoretically nice, but led to a
* subtle bug. If fetchmail was terminated by signal while it was
@@ -749,6 +734,22 @@ void termhook(int sig)
if (!check_only)
write_saved_lists(querylist, idfile);
+ /*
+ * Craig Metz, the RFC1938 one-time-password guy, points out:
+ * "Remember that most kernels don't zero pages before handing them to the
+ * next process and many kernels share pages between user and kernel space.
+ * You'd be very surprised what you can find from a short program to do a
+ * malloc() and then dump the contents of the pages you got. By zeroing
+ * the secrets at end of run (earlier if you can), you make sure the next
+ * guy can't get the password/pass phrase."
+ *
+ * Right you are, Craig!
+ */
+ for (ctl = querylist; ctl; ctl = ctl->next)
+ if (ctl->password)
+ memset(ctl->password, '\0', strlen(ctl->password));
+ }
+
#if !defined(HAVE_ATEXIT) && !defined(HAVE_ON_EXIT)
unlockit();
#endif