Codebase list krb5 / c051de6
Use zap() more consistently Use zap() or zapfree() in places where we previously used memset() to scrub memory. Reported by Zhaomo Yang and Brian Johannesmeyer. (cherry picked from commit d58cfa06bab766cf1354bc593deea300388072c0) ticket: 8514 version_fixed: 1.15 Greg Hudson authored 7 years ago Tom Yu committed 7 years ago
10 changed file(s) with 16 addition(s) and 35 deletion(s). Raw diff Collapse all Expand all
+1
-4
src/kadmin/dbutil/kdb5_create.c less more
347347 printf(_("Warning: couldn't stash master key.\n"));
348348 }
349349 /* clean up */
350 if (pw_str) {
351 memset(pw_str, 0, pw_size);
352 free(pw_str);
353 }
350 zapfree(pw_str, pw_size);
354351 free(master_salt.data);
355352
356353 if (kadm5_create(&global_params)) {
+1
-2
src/kdc/main.c less more
169169 krb5_free_principal(rdp->realm_context, rdp->realm_tgsprinc);
170170 krb5_free_context(rdp->realm_context);
171171 }
172 memset(rdp, 0, sizeof(*rdp));
173 free(rdp);
172 zapfree(rdp, sizeof(*rdp));
174173 }
175174
176175 /* Set *val_out to an allocated string containing val1 and/or val2, separated
+2
-4
src/lib/crypto/builtin/enc_provider/rc4.c less more
143143 (const unsigned char *)iov->data.data, iov->data.length);
144144 }
145145
146 if (state == NULL) {
147 memset(arcfour_ctx, 0, sizeof(ArcfourContext));
148 free(arcfour_ctx);
149 }
146 if (state == NULL)
147 zapfree(arcfour_ctx, sizeof(ArcfourContext));
150148
151149 return 0;
152150 }
+1
-1
src/lib/gssapi/krb5/delete_sec_context.c less more
8686 krb5_free_context(ctx->k5_context);
8787
8888 /* Zero out context */
89 memset(ctx, 0, sizeof(*ctx));
89 zap(ctx, sizeof(*ctx));
9090 xfree(ctx);
9191
9292 /* zero the handle itself */
+1
-1
src/lib/gssapi/krb5/export_sec_context.c less more
9090 if (kret != 0 && context != 0)
9191 save_error_info((OM_uint32)kret, context);
9292 if (obuffer && bufsize) {
93 memset(obuffer, 0, bufsize);
93 zap(obuffer, bufsize);
9494 xfree(obuffer);
9595 }
9696 if (*minor_status == 0)
+2
-2
src/lib/gssapi/krb5/lucid_context.c less more
265265 {
266266 if (key) {
267267 if (key->data && key->length) {
268 memset(key->data, 0, key->length);
268 zap(key->data, key->length);
269269 xfree(key->data);
270 memset(key, 0, sizeof(gss_krb5_lucid_key_t));
270 zap(key, sizeof(gss_krb5_lucid_key_t));
271271 }
272272 }
273273 }
+2
-4
src/lib/gssapi/mechglue/g_initialize.c less more
559559 if (cf->mech_type != GSS_C_NO_OID &&
560560 cf->mech_type != &cf->mech->mech_type)
561561 generic_gss_release_oid(&minor_status, &cf->mech_type);
562 if (cf->mech != NULL && cf->freeMech) {
563 memset(cf->mech, 0, sizeof(*cf->mech));
564 free(cf->mech);
565 }
562 if (cf->freeMech)
563 zapfree(cf->mech, sizeof(*cf->mech));
566564 if (cf->dl_handle != NULL)
567565 krb5int_close_plugin(cf->dl_handle);
568566 if (cf->int_mech_type != GSS_C_NO_OID)
+2
-7
src/lib/kadm5/srv/svr_principal.c less more
4747 if ( from->key_data_length[i] ) {
4848 to->key_data_contents[i] = malloc(from->key_data_length[i]);
4949 if (to->key_data_contents[i] == NULL) {
50 for (i = 0; i < idx; i++) {
51 if (to->key_data_contents[i]) {
52 memset(to->key_data_contents[i], 0,
53 to->key_data_length[i]);
54 free(to->key_data_contents[i]);
55 }
56 }
50 for (i = 0; i < idx; i++)
51 zapfree(to->key_data_contents[i], to->key_data_length[i]);
5752 return ENOMEM;
5853 }
5954 memcpy(to->key_data_contents[i], from->key_data_contents[i],
+1
-2
src/lib/krb5/krb/authdata.c less more
479479 context->modules = NULL;
480480 }
481481 krb5int_close_plugin_dirs(&context->plugins);
482 memset(context, 0, sizeof(*context));
483 free(context);
482 zapfree(context, sizeof(*context));
484483 }
485484
486485 krb5_error_code KRB5_CALLCONV
+3
-8
src/lib/krb5/krb/pac.c less more
124124 krb5_pac pac)
125125 {
126126 if (pac != NULL) {
127 if (pac->data.data != NULL) {
128 memset(pac->data.data, 0, pac->data.length);
129 free(pac->data.data);
130 }
131 if (pac->pac != NULL)
132 free(pac->pac);
133 memset(pac, 0, sizeof(*pac));
134 free(pac);
127 zapfree(pac->data.data, pac->data.length);
128 free(pac->pac);
129 zapfree(pac, sizeof(*pac));
135130 }
136131 }
137132