virCryptoEncryptDataAESgnutls: Use virSecureErase instead of VIR_DISPOSE_N

Clear out the value using virSecureErase and free it with g_free so that VIR_DISPOSE_N can be phased out. Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
2024-07-30 21:47:18 +00:00 · 2021-02-01 14:13:53 +01:00 · 2021-02-01 14:13:53 +01:00 · 288d051494
commit 288d051494
parent 549305922a
1 changed files with 3 additions and 1 deletions
--- a/src/util/vircrypto.c
+++ b/src/util/vircrypto.c
@ -25,6 +25,7 @@
 #include "virerror.h"
 #include "viralloc.h"
 #include "virrandom.h"
+#include "virsecureerase.h"

 #include <gnutls/gnutls.h>
 #include <gnutls/crypto.h>
@ -206,7 +207,8 @@ virCryptoEncryptDataAESgnutls(gnutls_cipher_algorithm_t gnutls_enc_alg,
    return 0;

 error:
-    VIR_DISPOSE_N(ciphertext, ciphertextlen);
+    virSecureErase(ciphertext, ciphertextlen);
+    g_free(ciphertext);
    memset(&enc_key, 0, sizeof(gnutls_datum_t));
    memset(&iv_buf, 0, sizeof(gnutls_datum_t));
    return -1;