summaryrefslogtreecommitdiff
path: root/src/journal
diff options
context:
space:
mode:
authorLucas Werkmeister <mail@lucaswerkmeister.de>2017-01-15 05:03:00 +0100
committerZbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>2017-01-14 23:03:00 -0500
commit6bae9b2abb8a9d04cf7b38b6d343b305f09fecf3 (patch)
tree8a007e1fe9cfc056800ebde2fa3fbf50883a30dd /src/journal
parent6b3d378331fe714c7bf2263eaa9a8b33fc878e7c (diff)
journalctl: expunge verification key from argv (#5081)
After parsing the --verify-key argument, overwrite it with null bytes. This minimizes (but does not completely eliminate) the time frame within which another process on the system can extract the verification key from the journalctl command line.
Diffstat (limited to 'src/journal')
-rw-r--r--src/journal/journalctl.c8
1 files changed, 6 insertions, 2 deletions
diff --git a/src/journal/journalctl.c b/src/journal/journalctl.c
index ecd1e94a33..73204b3753 100644
--- a/src/journal/journalctl.c
+++ b/src/journal/journalctl.c
@@ -103,7 +103,7 @@ static const char *arg_directory = NULL;
static char **arg_file = NULL;
static bool arg_file_stdin = false;
static int arg_priorities = 0xFF;
-static const char *arg_verify_key = NULL;
+static char *arg_verify_key = NULL;
#ifdef HAVE_GCRYPT
static usec_t arg_interval = DEFAULT_FSS_INTERVAL_USEC;
static bool arg_force = false;
@@ -683,8 +683,11 @@ static int parse_argv(int argc, char *argv[]) {
case ARG_VERIFY_KEY:
arg_action = ACTION_VERIFY;
- arg_verify_key = optarg;
+ arg_verify_key = strdup(optarg);
+ if (!arg_verify_key)
+ return -ENOMEM;
arg_merge = false;
+ string_erase(optarg);
break;
case ARG_INTERVAL:
@@ -2621,6 +2624,7 @@ finish:
strv_free(arg_user_units);
free(arg_root);
+ free(arg_verify_key);
return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;
}