Revert "conf: clean up memory containing secrets before freeing"

Adding supposedly secure cleanup for secrets in anything related to the XML parser is pointless because there are multiple other un-sanitized copies of the full XML and the XML parser state at the very least. Similarly in case RPC was used to transport the XML the RPC buffers are not sanitized. Additionally this patch was incomplete as it didn't sanitize the password in the cleanup function for virDomainGraphicsAuthDef. This reverts commit 51f8130d78 Signed-off-by: Peter Krempa <pkrempa@redhat.com> Reviewed-by: Pavel Hrdina <phrdina@redhat.com> Reviewed-by: Ján Tomko <jtomko@redhat.com>
2024-07-11 04:15:49 +00:00 · 2022-09-07 13:09:13 +02:00 · 2022-09-07 13:09:13 +02:00 · 72cf345bc2
commit 72cf345bc2
parent ecc742126a
1 changed files with 0 additions and 2 deletions
--- a/src/conf/domain_conf.c
+++ b/src/conf/domain_conf.c
@ -60,7 +60,6 @@
 #include "virdomainsnapshotobjlist.h"
 #include "virdomaincheckpointobjlist.h"
 #include "virutil.h"
-#include "virsecureerase.h"
 #include "virdomainjob.h"

 #define VIR_FROM_THIS VIR_FROM_DOMAIN
@ -10862,7 +10861,6 @@ virDomainGraphicsAuthDefParseXML(xmlNodePtr node,
            virReportError(VIR_ERR_INTERNAL_ERROR,
                           _("cannot parse password validity time '%s', expect YYYY-MM-DDTHH:MM:SS"),
                           validTo);
-            virSecureEraseString(def->passwd);
            VIR_FREE(def->passwd);
            return -1;
        }