Merge pull request #1568 from poettering/netclass

various fixes, for various things
author: Daniel Mack <github@zonque.org> 2015-10-20 10:31:38 +0200
committer: Daniel Mack <github@zonque.org> 2015-10-20 10:31:38 +0200
commit: 824b35c3859bc99b97ac5fa6e09aa34627e9bcd5 (patch)
tree: 266c8f9988ba8d1cab00a55b360b3f2e42096dde /src/shared/ask-password-api.c
parent: ec566e4c7cee67ec2c39475ef08f18a9f1b80efd (diff)
parent: 2229f656677f0d50c507aec40cda59f66da5c949 (diff)
1 files changed, 14 insertions, 3 deletions
diff --git a/src/shared/ask-password-api.c b/src/shared/ask-password-api.c
index f8cf11b297..ddf42f11e1 100644
--- a/src/shared/ask-password-api.c
+++ b/src/shared/ask-password-api.c
@@ -78,6 +78,7 @@ static int retrieve_key(key_serial_t serial, char ***ret) {
                 if (n < m)
                         break;
 
+                memory_erase(p, n);
                 free(p);
                 m *= 2;
         }
@@ -86,12 +87,14 @@ static int retrieve_key(key_serial_t serial, char ***ret) {
         if (!l)
                 return -ENOMEM;
 
+        memory_erase(p, n);
+
         *ret = l;
         return 0;
 }
 
 static int add_to_keyring(const char *keyname, AskPasswordFlags flags, char **passwords) {
-        _cleanup_strv_free_ char **l = NULL;
+        _cleanup_strv_free_erase_ char **l = NULL;
         _cleanup_free_ char *p = NULL;
         key_serial_t serial;
         size_t n;
@@ -124,6 +127,7 @@ static int add_to_keyring(const char *keyname, AskPasswordFlags flags, char **pa
         assert(p[n-1] == 0);
 
         serial = add_key("user", keyname, p, n-1, KEY_SPEC_USER_KEYRING);
+        memory_erase(p, n);
         if (serial == -1)
                 return -errno;
 
@@ -361,9 +365,12 @@ int ask_password_tty(
 
                         dirty = true;
                 }
+
+                c = 'x';
         }
 
         x = strndup(passphrase, p);
+        memory_erase(passphrase, p);
         if (!x) {
                 r = -ENOMEM;
                 goto finish;
@@ -620,6 +627,7 @@ int ask_password_agent(
                                 l = strv_new("", NULL);
                         else
                                 l = strv_parse_nulstr(passphrase+1, n-1);
+                        memory_erase(passphrase, n);
                         if (!l) {
                                 r = -ENOMEM;
                                 goto finish;
@@ -688,9 +696,12 @@ int ask_password_auto(
                 if (r < 0)
                         return r;
 
-                r = strv_consume(&l, s);
-                if (r < 0)
+                r = strv_push(&l, s);
+                if (r < 0) {
+                        string_erase(s);
+                        free(s);
                         return -ENOMEM;
+                }
 
                 *ret = l;
                 return 0;
author	Daniel Mack <github@zonque.org>	2015-10-20 10:31:38 +0200
committer	Daniel Mack <github@zonque.org>	2015-10-20 10:31:38 +0200
commit	824b35c3859bc99b97ac5fa6e09aa34627e9bcd5 (patch)
tree	266c8f9988ba8d1cab00a55b360b3f2e42096dde /src/shared/ask-password-api.c
parent	ec566e4c7cee67ec2c39475ef08f18a9f1b80efd (diff)
parent	2229f656677f0d50c507aec40cda59f66da5c949 (diff)