From ee88bce43d2db791eb38245109dab3152e65e132 Mon Sep 17 00:00:00 2001 From: Peter Krempa Date: Mon, 1 Feb 2021 12:55:27 +0100 Subject: [PATCH] qemu: domain: Use virSecureErase for clearing secrets instead of VIR_DISPOSE_N MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Phase out use of VIR_DISPOSE_N from the qemu driver. Use memset in the appropriate cases. Signed-off-by: Peter Krempa Reviewed-by: Daniel P. Berrangé --- src/qemu/qemu_domain.c | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 2c34307c82..e60f814e36 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -67,6 +67,7 @@ #include "backup_conf.h" #include "virutil.h" #include "virqemu.h" +#include "virsecureerase.h" #include #include @@ -443,7 +444,8 @@ qemuDomainMasterKeyFree(qemuDomainObjPrivatePtr priv) if (!priv->masterKey) return; - VIR_DISPOSE_N(priv->masterKey, priv->masterKeyLen); + virSecureErase(priv->masterKey, priv->masterKeyLen); + g_clear_pointer(&priv->masterKey, g_free); } /* qemuDomainMasterKeyReadFile: @@ -584,7 +586,8 @@ static void qemuDomainSecretPlainClear(qemuDomainSecretPlainPtr secret) { VIR_FREE(secret->username); - VIR_DISPOSE_N(secret->secret, secret->secretlen); + virSecureErase(secret->secret, secret->secretlen); + g_clear_pointer(&secret->secret, g_free); } @@ -1131,7 +1134,7 @@ qemuDomainSecretAESSetupFromSecret(qemuDomainObjPrivatePtr priv, g_autoptr(virConnect) conn = virGetConnectSecret(); qemuDomainSecretInfoPtr secinfo; g_autofree char *alias = qemuAliasForSecret(srcalias, secretuse); - uint8_t *secret = NULL; + g_autofree uint8_t *secret = NULL; size_t secretlen = 0; if (!conn) @@ -1143,7 +1146,7 @@ qemuDomainSecretAESSetupFromSecret(qemuDomainObjPrivatePtr priv, secinfo = qemuDomainSecretAESSetup(priv, alias, username, secret, secretlen); - VIR_DISPOSE_N(secret, secretlen); + virSecureErase(secret, secretlen); return secinfo; }