util: secure erase virCommand send buffers

All users of virCommandSetSendBuffer() are using it to send sensitive data to a child process. So, since these buffers contain sensitive information, clear it with virSecureErase(). Signed-off-by: Jonathon Jongsma <jjongsma@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
2024-07-05 01:22:38 +00:00 · 2023-02-07 14:05:22 -06:00 · 2023-02-07 14:05:22 -06:00 · 545e16fab5
commit 545e16fab5
parent dfa657aa27
1 changed files with 2 additions and 0 deletions
--- a/src/util/vircommand.c
+++ b/src/util/vircommand.c
@ -54,6 +54,7 @@
 #include "virpidfile.h"
 #include "virprocess.h"
 #include "virbuffer.h"
+#include "virsecureerase.h"
 #include "virthread.h"
 #include "virstring.h"

@ -1697,6 +1698,7 @@ virCommandFreeSendBuffers(virCommand *cmd)

    for (i = 0; i < virCommandGetNumSendBuffers(cmd); i++) {
        VIR_FORCE_CLOSE(cmd->sendBuffers[i].fd);
+        virSecureErase(cmd->sendBuffers[i].buffer, cmd->sendBuffers[i].buflen);
        VIR_FREE(cmd->sendBuffers[i].buffer);
    }
    VIR_FREE(cmd->sendBuffers);