[libvirt] [PATCH 01/10] qemu: conf: Clear spice/vnc passwords from memory when freeing conf object

Peter Krempa pkrempa at redhat.com
Mon Apr 1 13:04:52 UTC 2019


We should not keep secrets randomly on the heap.

Signed-off-by: Peter Krempa <pkrempa at redhat.com>
---
 src/qemu/qemu_conf.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/qemu/qemu_conf.c b/src/qemu/qemu_conf.c
index 42122dcd97..f23a0c0222 100644
--- a/src/qemu/qemu_conf.c
+++ b/src/qemu/qemu_conf.c
@@ -363,12 +363,12 @@ static void virQEMUDriverConfigDispose(void *obj)
     VIR_FREE(cfg->vncTLSx509certdir);
     VIR_FREE(cfg->vncTLSx509secretUUID);
     VIR_FREE(cfg->vncListen);
-    VIR_FREE(cfg->vncPassword);
+    VIR_DISPOSE_STRING(cfg->vncPassword);
     VIR_FREE(cfg->vncSASLdir);

     VIR_FREE(cfg->spiceTLSx509certdir);
     VIR_FREE(cfg->spiceListen);
-    VIR_FREE(cfg->spicePassword);
+    VIR_DISPOSE_STRING(cfg->spicePassword);
     VIR_FREE(cfg->spiceSASLdir);

     VIR_FREE(cfg->chardevTLSx509certdir);
-- 
2.20.1




More information about the libvir-list mailing list