diff options
| author | Lennart Poettering <lennart@poettering.net> | 2019-07-10 16:20:50 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2019-07-10 16:20:50 +0200 |
| commit | 6f209cb01d3d85d9073b9d6ca6f5dc3ae49c37dd (patch) | |
| tree | 2fcc97d235afeb39e257c005b141934786fa3226 /src/shared | |
| parent | a082157282cf36308b7733a48b43a0ca09c7103a (diff) | |
| parent | c7dd2095269923915b872b31404579e31da36012 (diff) | |
| download | systemd-6f209cb01d3d85d9073b9d6ca6f5dc3ae49c37dd.tar.gz systemd-6f209cb01d3d85d9073b9d6ca6f5dc3ae49c37dd.tar.bz2 systemd-6f209cb01d3d85d9073b9d6ca6f5dc3ae49c37dd.zip | |
Merge pull request #12965 from keszybz/auto-erase
_cleanup_(erase_and_freep)
Diffstat (limited to 'src/shared')
| -rw-r--r-- | src/shared/ask-password-api.c | 25 |
1 files changed, 11 insertions, 14 deletions
diff --git a/src/shared/ask-password-api.c b/src/shared/ask-password-api.c index 6c0a369902..00c41a0382 100644 --- a/src/shared/ask-password-api.c +++ b/src/shared/ask-password-api.c @@ -63,13 +63,16 @@ static int lookup_key(const char *keyname, key_serial_t *ret) { } static int retrieve_key(key_serial_t serial, char ***ret) { - _cleanup_free_ char *p = NULL; - long m = 100, n; + size_t nfinal, m = 100; char **l; + _cleanup_(erase_and_freep) char *pfinal = NULL; assert(ret); for (;;) { + _cleanup_(erase_and_freep) char *p = NULL; + long n; + p = new(char, m); if (!p) return -ENOMEM; @@ -77,33 +80,28 @@ static int retrieve_key(key_serial_t serial, char ***ret) { n = keyctl(KEYCTL_READ, (unsigned long) serial, (unsigned long) p, (unsigned long) m, 0); if (n < 0) return -errno; - if (n < m) + if ((size_t) n < m) { + nfinal = (size_t) n; + pfinal = TAKE_PTR(p); break; - - explicit_bzero_safe(p, m); + } if (m > LONG_MAX / 2) /* overflow check */ return -ENOMEM; m *= 2; - if ((long) (size_t) m != m) /* make sure that this still fits if converted to size_t */ - return -ENOMEM; - - free(p); } - l = strv_parse_nulstr(p, n); + l = strv_parse_nulstr(pfinal, nfinal); if (!l) return -ENOMEM; - explicit_bzero_safe(p, n); - *ret = l; return 0; } static int add_to_keyring(const char *keyname, AskPasswordFlags flags, char **passwords) { _cleanup_strv_free_erase_ char **l = NULL; - _cleanup_free_ char *p = NULL; + _cleanup_(erase_and_freep) char *p = NULL; key_serial_t serial; size_t n; int r; @@ -131,7 +129,6 @@ static int add_to_keyring(const char *keyname, AskPasswordFlags flags, char **pa return r; serial = add_key("user", keyname, p, n, KEY_SPEC_USER_KEYRING); - explicit_bzero_safe(p, n); if (serial == -1) return -errno; |