mirror of
https://gitlab.com/libvirt/libvirt.git
synced 2025-02-22 19:32:19 +00:00
util: secure erase virCommand send buffers
All users of virCommandSetSendBuffer() are using it to send sensitive data to a child process. So, since these buffers contain sensitive information, clear it with virSecureErase(). Signed-off-by: Jonathon Jongsma <jjongsma@redhat.com> Reviewed-by: Peter Krempa <pkrempa@redhat.com>
This commit is contained in:
parent
dfa657aa27
commit
545e16fab5
@ -54,6 +54,7 @@
|
||||
#include "virpidfile.h"
|
||||
#include "virprocess.h"
|
||||
#include "virbuffer.h"
|
||||
#include "virsecureerase.h"
|
||||
#include "virthread.h"
|
||||
#include "virstring.h"
|
||||
|
||||
@ -1697,6 +1698,7 @@ virCommandFreeSendBuffers(virCommand *cmd)
|
||||
|
||||
for (i = 0; i < virCommandGetNumSendBuffers(cmd); i++) {
|
||||
VIR_FORCE_CLOSE(cmd->sendBuffers[i].fd);
|
||||
virSecureErase(cmd->sendBuffers[i].buffer, cmd->sendBuffers[i].buflen);
|
||||
VIR_FREE(cmd->sendBuffers[i].buffer);
|
||||
}
|
||||
VIR_FREE(cmd->sendBuffers);
|
||||
|
Loading…
x
Reference in New Issue
Block a user