[PATCH v2 14/27] virCryptoEncryptDataAESgnutls: Use virSecureErase instead of VIR_DISPOSE_N
Peter Krempa
pkrempa at redhat.com
Tue Feb 2 16:55:51 UTC 2021
Clear out the value using virSecureErase and free it with g_free so
that VIR_DISPOSE_N can be phased out.
Signed-off-by: Peter Krempa <pkrempa at redhat.com>
---
src/util/vircrypto.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/util/vircrypto.c b/src/util/vircrypto.c
index c4874550af..d2a42d83e2 100644
--- a/src/util/vircrypto.c
+++ b/src/util/vircrypto.c
@@ -25,6 +25,7 @@
#include "virerror.h"
#include "viralloc.h"
#include "virrandom.h"
+#include "virsecureerase.h"
#include <gnutls/gnutls.h>
#include <gnutls/crypto.h>
@@ -206,7 +207,8 @@ virCryptoEncryptDataAESgnutls(gnutls_cipher_algorithm_t gnutls_enc_alg,
return 0;
error:
- VIR_DISPOSE_N(ciphertext, ciphertextlen);
+ virSecureErase(ciphertext, ciphertextlen);
+ g_free(ciphertext);
memset(&enc_key, 0, sizeof(gnutls_datum_t));
memset(&iv_buf, 0, sizeof(gnutls_datum_t));
return -1;
--
2.29.2
More information about the libvir-list
mailing list