tree-wide: whenever we deal with passwords, erase them from memory after use

A bit snake-oilish, but can't hurt.
author: Lennart Poettering <lennart@poettering.net> 2015-10-14 22:40:23 +0200
committer: Lennart Poettering <lennart@poettering.net> 2015-10-19 23:13:07 +0200
commit: 1602b008531ba6e0c704588cb2643daef26b71d9 (patch)
tree: 20cfee002c72138337da1822654af4e9266f4937 /src/basic
parent: 0245cf8167d34e483955b90da7f5d5f154ca57ef (diff)
2 files changed, 22 insertions, 0 deletions
diff --git a/src/basic/util.c b/src/basic/util.c
index 2565b0f547..f24db9796e 100644
--- a/src/basic/util.c
+++ b/src/basic/util.c
@@ -6805,3 +6805,21 @@ bool fdname_is_valid(const char *s) {
 bool oom_score_adjust_is_valid(int oa) {
         return oa >= OOM_SCORE_ADJ_MIN && oa <= OOM_SCORE_ADJ_MAX;
 }
+
+void string_erase(char *x) {
+
+        if (!x)
+                return;
+
+        /* A delicious drop of snake-oil! To be called on memory where
+         * we stored passphrases or so, after we used them. */
+
+        memory_erase(x, strlen(x));
+}
+
+void strv_erase(char **l) {
+        char **i;
+
+        STRV_FOREACH(i, l)
+                string_erase(*i);
+}
diff --git a/src/basic/util.h b/src/basic/util.h
index 6c63bc221f..b1c64675e0 100644
--- a/src/basic/util.h
+++ b/src/basic/util.h
@@ -943,3 +943,7 @@ int version(void);
 bool fdname_is_valid(const char *s);
 
 bool oom_score_adjust_is_valid(int oa);
+
+#define memory_erase(p, l) memset((p), 'x', (l))
+void string_erase(char *x);
+void strv_erase(char **l);
author	Lennart Poettering <lennart@poettering.net>	2015-10-14 22:40:23 +0200
committer	Lennart Poettering <lennart@poettering.net>	2015-10-19 23:13:07 +0200
commit	1602b008531ba6e0c704588cb2643daef26b71d9 (patch)
tree	20cfee002c72138337da1822654af4e9266f4937 /src/basic
parent	0245cf8167d34e483955b90da7f5d5f154ca57ef (diff)