From nobody Mon Feb 9 06:50:23 2026 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) client-ip=216.205.24.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1612187009; cv=none; d=zohomail.com; s=zohoarc; b=B03lSLfdTLsm8fkU7ZxGdVzbR2XZd7AWidduZUwzsJhl8CoGLzLPbmVBiQfNvEh3x7y0NuX2GcbStn+vQEaMGGFfNS5ICgULw1aULRLw0l9zI693mWi8a8VzAcYDLee3hafZw0E1IYttC8FqDxFLCF6d7eNHPKX+0WW8OcecQe4= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1612187009; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=iFbMjKhYA5AY9q4kHAim48q6IHyZbkrdC5O8xO7fw6E=; b=BHv6DYiE6WPjDYg5xFfjXAVQmKSLjPJfPzVr9O+mf3TbNdvWqZWvxuWyjLQzj/WV7Y/nhouXhMhLwK4g09zCZxxwR/MD7Ht44xORgXQgHkinVKKB3Q+XayFW4YGJasTID1h6nCyz/HdU9yfuS6MbR5vj70JOi7FryALqVL0Heys= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [216.205.24.124]) by mx.zohomail.com with SMTPS id 1612187009060980.3488279855817; Mon, 1 Feb 2021 05:43:29 -0800 (PST) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-423-Zn3QEpnNPhqT42P22R3wZQ-1; Mon, 01 Feb 2021 08:43:24 -0500 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id ADA6D801AB6; Mon, 1 Feb 2021 13:43:17 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 861ED10016F9; Mon, 1 Feb 2021 13:43:17 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 2A054180954D; Mon, 1 Feb 2021 13:43:17 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 111DdLtu023479 for ; Mon, 1 Feb 2021 08:39:21 -0500 Received: by smtp.corp.redhat.com (Postfix) id B399760C68; Mon, 1 Feb 2021 13:39:21 +0000 (UTC) Received: from speedmetal.lan (unknown [10.40.208.53]) by smtp.corp.redhat.com (Postfix) with ESMTP id 0D41660C66 for ; Mon, 1 Feb 2021 13:39:20 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1612187007; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=iFbMjKhYA5AY9q4kHAim48q6IHyZbkrdC5O8xO7fw6E=; b=R8uYp5BYICm4cc+xIxjK/1SgwYokPJCPka07v9b/szgnJek0E6+bFfdrUZwhKUNSHTUhnZ ljWlAm9TlFEdvwhli5hwemn9/AhuOrg0PtnercHhuoMigncAV1F/3ZtlagTujQOkc6vX+K VUB/wQW2QL1Ac0By7deEXWKNKPw6YvA= X-MC-Unique: Zn3QEpnNPhqT42P22R3wZQ-1 From: Peter Krempa To: libvir-list@redhat.com Subject: [PATCH 08/14] virsh: cmdSecretSetValue: Rework handling of the secret value Date: Mon, 1 Feb 2021 14:39:00 +0100 Message-Id: <8e0ba230bd50b6fce51d5229ad003e4abbc12998.1612186636.git.pkrempa@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 X-loop: libvir-list@redhat.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" Use a single buffer for the secret to make it easier to follow it's lifecycle. For base64 decoding use a local temporary buffer which will be cleared right away. This also uses memset for clearing the bufer instead of VIR_DISPOSE_N which is being phased out. Signed-off-by: Peter Krempa --- tools/virsh-secret.c | 34 ++++++++++++++++------------------ 1 file changed, 16 insertions(+), 18 deletions(-) diff --git a/tools/virsh-secret.c b/tools/virsh-secret.c index 5d656151e8..23bbd61698 100644 --- a/tools/virsh-secret.c +++ b/tools/virsh-secret.c @@ -202,10 +202,8 @@ cmdSecretSetValue(vshControl *ctl, const vshCmd *cmd) g_autoptr(virshSecret) secret =3D NULL; const char *base64 =3D NULL; const char *filename =3D NULL; - char *file_buf =3D NULL; - size_t file_len =3D 0; - unsigned char *value; - size_t value_size; + g_autofree char *secret_val =3D NULL; + size_t secret_len =3D 0; bool plain =3D vshCommandOptBool(cmd, "plain"); bool interactive =3D vshCommandOptBool(cmd, "interactive"); int res; @@ -228,41 +226,41 @@ cmdSecretSetValue(vshControl *ctl, const vshCmd *cmd) if (base64) { /* warn users that the --base64 option passed from command line is= wrong */ vshError(ctl, _("Passing secret value as command-line argument is = insecure!")); + secret_val =3D g_strdup(base64); + secret_len =3D strlen(secret_val); } else if (filename) { ssize_t read_ret; - if ((read_ret =3D virFileReadAll(filename, 1024, &file_buf)) < 0) { + if ((read_ret =3D virFileReadAll(filename, 1024, &secret_val)) < 0= ) { vshSaveLibvirtError(); return false; } - file_len =3D read_ret; - base64 =3D file_buf; + secret_len =3D read_ret; } else if (interactive) { vshPrint(ctl, "%s", _("Enter new value for secret:")); fflush(stdout); - if (!(file_buf =3D virGetPassword())) { + if (!(secret_val =3D virGetPassword())) { vshError(ctl, "%s", _("Failed to read secret")); return false; } - file_len =3D strlen(file_buf); + secret_len =3D strlen(secret_val); plain =3D true; } else { vshError(ctl, _("Input secret value is missing")); return false; } - if (plain) { - value =3D g_steal_pointer(&file_buf); - value_size =3D file_len; - file_len =3D 0; - } else { - value =3D g_base64_decode(base64, &value_size); + if (!plain) { + g_autofree char *tmp =3D g_steal_pointer(&secret_val); + size_t tmp_len =3D secret_len; + + secret_val =3D (char *) g_base64_decode(tmp, &secret_len); + memset(tmp, 0, tmp_len); } - res =3D virSecretSetValue(secret, value, value_size, 0); - VIR_DISPOSE_N(value, value_size); - VIR_DISPOSE_N(file_buf, file_len); + res =3D virSecretSetValue(secret, (unsigned char *) secret_val, secret= _len, 0); + memset(secret_val, 0, secret_len); if (res !=3D 0) { vshError(ctl, "%s", _("Failed to set secret value")); --=20 2.29.2