From 623cd4e8e9f1435d2fb7b273dd6b555f7d80a9bb Mon Sep 17 00:00:00 2001
From: Jinseek Ryu <heat2048@gmail.com>
Date: Mon, 7 Jul 2025 13:23:59 +0900
Subject: [PATCH] fix make scrambled password segmentation fault bug when
 password longer than 26 characters

---
 src/password_323.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/password_323.c b/src/password_323.c
index de4548c..a6a8e01 100644
--- a/src/password_323.c
+++ b/src/password_323.c
@@ -137,12 +137,12 @@ void make_scrambled_password(char scrambled_password[42], const char password[25
   SHA1Init(&ctx);
   SHA1Update(&ctx, h0, sizeof h0);
 #ifdef HAVE_EXPLICIT_BZERO
-  explicit_bzero(h0, strlen(password));
+  explicit_bzero(h0, sizeof h0);
 #else
   volatile char *pnt_ = (volatile char *) h0;
   size_t i = (size_t) 0U;
 
-  while (i < strlen(password)) {
+  while (i < sizeof h0) {
     pnt_[i++] = 0U;
   }
 #endif