From nobody Mon May 20 01:26:33 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 63.128.21.124 as permitted sender) client-ip=63.128.21.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 63.128.21.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1612186763; cv=none; d=zohomail.com; s=zohoarc; b=ReIVx/GPH3tV+hJL8i5xhwBrq7kZF+TV6DIS9IMt9mVD78a8upaT1xdGmA0/pXI550EqQg6dLOu89JlaE3n9WLqkK6ukRjiTQi1pP1IoDDXqd7IX5vAme0uGR0r/+nDIlVFXFvRn1ibzaWlMqD+J35R2pLPfXItGYa/LmC7WFOo= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1612186763; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=p01/cN/wvri86QKZJ2uBPJH5wvDYqdfWyZhNhE/5AvQ=; b=G7Rl26ZhpwFEOtO/Xi8hPlzLZWGXEl+OfKFVS1oG0s+U0NX22yyrnj8KYTfgNLwfcKKy7ZPSkPHd6/XjWxHbF4sHCg8cPhhx8qb9TOYoXVFoPP3MwDr073FyzqVZuqnF3fQc0F+UlW8YjB4m84TmnwCHsKuTwMtVwjEGVjgLOrk= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 63.128.21.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [63.128.21.124]) by mx.zohomail.com with SMTPS id 1612186763368635.5827678733549; Mon, 1 Feb 2021 05:39:23 -0800 (PST) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-198-AjcQ9VBZM-2oAUjP8CItRA-1; Mon, 01 Feb 2021 08:39:20 -0500 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id B656CCC622; Mon, 1 Feb 2021 13:39:14 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 4B4835D735; Mon, 1 Feb 2021 13:39:14 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 0F9491809C9F; Mon, 1 Feb 2021 13:39:14 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 111DdCxX023332 for ; Mon, 1 Feb 2021 08:39:12 -0500 Received: by smtp.corp.redhat.com (Postfix) id 43B3160C68; Mon, 1 Feb 2021 13:39:12 +0000 (UTC) Received: from speedmetal.lan (unknown [10.40.208.53]) by smtp.corp.redhat.com (Postfix) with ESMTP id 99AC460C66 for ; Mon, 1 Feb 2021 13:39:11 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1612186762; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=p01/cN/wvri86QKZJ2uBPJH5wvDYqdfWyZhNhE/5AvQ=; b=dsxuebPPwm+9pccSECKHGgvo7h1q+elMBKn4D3Dw29xRi/KWv+bfwFZ9jY+gL/VWdGUhuS wkM/Fyv5PtWCz+YRIeOBWu3P5wzMolGW18goJT6tNl6DeAoQw7zSWt4wVzhE0yglMVZYkE EMLQU1WAErvAwSYTEwYOl27jsKD/W3o= X-MC-Unique: AjcQ9VBZM-2oAUjP8CItRA-1 From: Peter Krempa To: libvir-list@redhat.com Subject: [PATCH 01/14] hypervFreeInvokeParams: Don't use VIR_DISPOSE_N for freeing 'params' Date: Mon, 1 Feb 2021 14:38:53 +0100 Message-Id: In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 X-loop: libvir-list@redhat.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" The struct doesn't contain any secrets to clear before freeing and even if it did VIR_DISPOSE_N wouldn't help as the struct contains only pointers thus the actual memory pointing to isn't sanitized. Just free the params array pointer and then the struct itself. Signed-off-by: Peter Krempa --- src/hyperv/hyperv_wmi.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/src/hyperv/hyperv_wmi.c b/src/hyperv/hyperv_wmi.c index a28bb0e815..3bb75392a7 100644 --- a/src/hyperv/hyperv_wmi.c +++ b/src/hyperv/hyperv_wmi.c @@ -184,8 +184,8 @@ hypervFreeInvokeParams(hypervInvokeParamsListPtr params) } } - VIR_DISPOSE_N(params->params, params->nbAvailParams); - VIR_FREE(params); + g_free(params->params); + g_free(params); } --=20 2.29.2 From nobody Mon May 20 01:26:33 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) client-ip=216.205.24.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1612186772; cv=none; d=zohomail.com; s=zohoarc; b=nYnjF42gtio+vqZUWs5w7fjCPFqZwMsGAPdDlYmKHE1s/O3MhYNfWtTfNn20B9zSxhTuHAwg6xe+uS8iX/1/ZxzaB2Hi81rSoLD6N9whygTAossk97LdAMFAUhTno1o9qd3yNT8JoyMZXeWD0nTSLXVcb6gtX5GtOHqqO/Xlmno= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1612186772; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=UizPWiL3MsSp1hXNWDzUCWsB3exVQQmqnCWl2FjbW0E=; b=hBcKF5wID6BAMiMWu4DtGBf7k7+7aDar/cOY68RAVl+AskMbYkMRTXTT9CQJeUYsgOskU9L+b5LioF/C95Un+Xlb2epEYpa7QxID4//70beD1W3vAIJT2YHIeVv4Tw4PrOnnBNdzVlEhrvHO0sd/7MgCGKOB9jm+juvC3Aa+VaI= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [216.205.24.124]) by mx.zohomail.com with SMTPS id 1612186772150477.86540561415495; Mon, 1 Feb 2021 05:39:32 -0800 (PST) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-529-A8TJEvLmONqqFXv0_M86AA-1; Mon, 01 Feb 2021 08:39:28 -0500 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 4BBAC801B1A; Mon, 1 Feb 2021 13:39:22 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 18BBA6E51F; Mon, 1 Feb 2021 13:39:22 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id D36D45003B; Mon, 1 Feb 2021 13:39:21 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 111DdDls023345 for ; Mon, 1 Feb 2021 08:39:13 -0500 Received: by smtp.corp.redhat.com (Postfix) id 4DB8660C68; Mon, 1 Feb 2021 13:39:13 +0000 (UTC) Received: from speedmetal.lan (unknown [10.40.208.53]) by smtp.corp.redhat.com (Postfix) with ESMTP id A7FAA60C66 for ; Mon, 1 Feb 2021 13:39:12 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1612186771; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=UizPWiL3MsSp1hXNWDzUCWsB3exVQQmqnCWl2FjbW0E=; b=T1sNr+IVJXVrZPlZqOLhv5QY7bAhYlIzveUisIcYcjr+wMCic+ma28FgQMdZkGABNPwkoV yP415P25u7GYTNf1k0vE3u3roJlAZ512D1F9NmLegidsX+Llp0QZd81xpKlPeoggtks+kf VuKA79j1B2RVBVl3xiNuGSmzcMinTO8= X-MC-Unique: A8TJEvLmONqqFXv0_M86AA-1 From: Peter Krempa To: libvir-list@redhat.com Subject: [PATCH 02/14] libxlMakeDomBuildInfo: Don't use VIR_DISPOSE_N for USB device list Date: Mon, 1 Feb 2021 14:38:54 +0100 Message-Id: In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 X-loop: libvir-list@redhat.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" The list isn't secret which would need being disposed of. Just expand the array and return failure when adding the NULL terminator similarly to how we expand the list for adding devices in a loop. Signed-off-by: Peter Krempa --- src/libxl/libxl_conf.c | 1 - 1 file changed, 1 deletion(-) diff --git a/src/libxl/libxl_conf.c b/src/libxl/libxl_conf.c index 6a8ae27f54..cb1fd7df7d 100644 --- a/src/libxl/libxl_conf.c +++ b/src/libxl/libxl_conf.c @@ -686,7 +686,6 @@ libxlMakeDomBuildInfo(virDomainDefPtr def, /* NULL-terminate usbdevice_list */ if (nusbdevice > 0 && VIR_EXPAND_N(b_info->u.hvm.usbdevice_list, nusbdevice, 1) < 0)= { - VIR_DISPOSE_N(b_info->u.hvm.usbdevice_list, nusbdevice); return -1; } #endif --=20 2.29.2 From nobody Mon May 20 01:26:33 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) client-ip=216.205.24.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1612186994; cv=none; d=zohomail.com; s=zohoarc; b=WG0fVLUcu/e0Zd8Bd7NPz6gkAb1ztGC5A0MjLK0tT4fZbposNWf9WHBOPnK+R0K0/GkAH7RthSug/r5Vj559YqgBxk3A+qytlIacThK8fcpSbcfSuNqAmZtVQXh0SIQ3YxokuAoB+pBK9UULYiH5NNsxOW3tseIY3Vhkzr4HVuc= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1612186994; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=LwmMS5d94dOCYZDAoTvF5J2EXZzttN9ILSj5gUBMbhc=; b=RK6qbSKHTCMVSBgAqC9Z3rZAzKWCToKhBwHNCSjwoL2FsTruSQE/6MvhdQuKgET5ZNyt357VMarlP8OPp6oVlIwFe9yQeTVJdu08ZPsiB6ljiNV5CpdIadnrJImjUECq/ct+nGkiKatYlpYqij16vFPbAR+3Ci3rtQUu9i/bfaA= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [216.205.24.124]) by mx.zohomail.com with SMTPS id 1612186994424535.827343371015; Mon, 1 Feb 2021 05:43:14 -0800 (PST) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-401-gjUFNclKNKSGTfpPHtY8qg-1; Mon, 01 Feb 2021 08:43:11 -0500 Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 49302801817; Mon, 1 Feb 2021 13:43:05 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 6E3DE9D53; Mon, 1 Feb 2021 13:43:04 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 6762B5003D; Mon, 1 Feb 2021 13:43:03 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 111DdEq5023366 for ; Mon, 1 Feb 2021 08:39:14 -0500 Received: by smtp.corp.redhat.com (Postfix) id 5369160C68; Mon, 1 Feb 2021 13:39:14 +0000 (UTC) Received: from speedmetal.lan (unknown [10.40.208.53]) by smtp.corp.redhat.com (Postfix) with ESMTP id AFA1160C66 for ; Mon, 1 Feb 2021 13:39:13 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1612186993; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=LwmMS5d94dOCYZDAoTvF5J2EXZzttN9ILSj5gUBMbhc=; b=VS/0emI7PMJ6wlLrDTMSNEnSmKDSDITMKzg/Wq23MrvlHbpUJLgwrAQmITd/EQMZEai0A0 mB/N9g2BaOKW796dw4fJZtrNQjxgk2DmT0BxFF7kWDe/FQRyRqQgXlpvEtD+9sffoZUl7v dFX9/kAsRir3916Z2z0TZi2PKatR1dg= X-MC-Unique: gjUFNclKNKSGTfpPHtY8qg-1 From: Peter Krempa To: libvir-list@redhat.com Subject: [PATCH 03/14] storage_backend_iscsi(_direct): Properly clear secrets Date: Mon, 1 Feb 2021 14:38:55 +0100 Message-Id: <76e0a05bb83fb2b98e4cb5890d1ac85ee7dcb374.1612186636.git.pkrempa@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 X-loop: libvir-list@redhat.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" The code pretends that it cares about clearing the secret values, but passes the secret value to a realloc, which may copy the value somewhere else and doesn't sanitize the original location when it does so. Since we want to construct a string from the value, let's copy it to a new piece of memory which has the space for the 'NUL' byte ourselves, to prevent a random realloc keeping the data around. While at it, use memset of VIR_DISPOSE_N since it's being phased out. Signed-off-by: Peter Krempa --- src/storage/storage_backend_iscsi.c | 16 +++++++++------- src/storage/storage_backend_iscsi_direct.c | 17 +++++++++-------- 2 files changed, 18 insertions(+), 15 deletions(-) diff --git a/src/storage/storage_backend_iscsi.c b/src/storage/storage_back= end_iscsi.c index 45167e4490..b24b8d54b1 100644 --- a/src/storage/storage_backend_iscsi.c +++ b/src/storage/storage_backend_iscsi.c @@ -256,8 +256,9 @@ static int virStorageBackendISCSISetAuth(const char *portal, virStoragePoolSourcePtr source) { - unsigned char *secret_value =3D NULL; + g_autofree unsigned char *secret_value =3D NULL; size_t secret_size; + g_autofree char *secret_str =3D NULL; virStorageAuthDefPtr authdef =3D source->auth; int ret =3D -1; virConnectPtr conn =3D NULL; @@ -282,10 +283,10 @@ virStorageBackendISCSISetAuth(const char *portal, &secret_value, &secret_size) < 0) goto cleanup; - if (VIR_REALLOC_N(secret_value, secret_size + 1) < 0) - goto cleanup; - - secret_value[secret_size] =3D '\0'; + secret_str =3D g_new0(char, secret_size + 1); + memcpy(secret_str, secret_value, secret_size); + memset(secret_value, 0, secret_size); + secret_str[secret_size] =3D '\0'; if (virISCSINodeUpdate(portal, source->devices[0].path, @@ -298,13 +299,14 @@ virStorageBackendISCSISetAuth(const char *portal, virISCSINodeUpdate(portal, source->devices[0].path, "node.session.auth.password", - (const char *)secret_value) < 0) + secret_str) < 0) goto cleanup; ret =3D 0; cleanup: - VIR_DISPOSE_N(secret_value, secret_size); + if (secret_str) + memset(secret_str, 0, secret_size); virObjectUnref(conn); return ret; } diff --git a/src/storage/storage_backend_iscsi_direct.c b/src/storage/stora= ge_backend_iscsi_direct.c index 12b075db0b..78b12f057f 100644 --- a/src/storage/storage_backend_iscsi_direct.c +++ b/src/storage/storage_backend_iscsi_direct.c @@ -87,8 +87,9 @@ static int virStorageBackendISCSIDirectSetAuth(struct iscsi_context *iscsi, virStoragePoolSourcePtr source) { - unsigned char *secret_value =3D NULL; + g_autofree unsigned char *secret_value =3D NULL; size_t secret_size; + g_autofree char *secret_str =3D NULL; virStorageAuthDefPtr authdef =3D source->auth; int ret =3D -1; virConnectPtr conn =3D NULL; @@ -113,14 +114,13 @@ virStorageBackendISCSIDirectSetAuth(struct iscsi_cont= ext *iscsi, &secret_value, &secret_size) < 0) goto cleanup; - if (VIR_REALLOC_N(secret_value, secret_size + 1) < 0) - goto cleanup; - - secret_value[secret_size] =3D '\0'; + secret_str =3D g_new0(char, secret_size + 1); + memcpy(secret_str, secret_value, secret_size); + memset(secret_value, 0, secret_size); + secret_str[secret_size] =3D '\0'; if (iscsi_set_initiator_username_pwd(iscsi, - authdef->username, - (const char *)secret_value) < 0) { + authdef->username, secret_str) < = 0) { virReportError(VIR_ERR_INTERNAL_ERROR, _("Failed to set credential: %s"), iscsi_get_error(iscsi)); @@ -129,7 +129,8 @@ virStorageBackendISCSIDirectSetAuth(struct iscsi_contex= t *iscsi, ret =3D 0; cleanup: - VIR_DISPOSE_N(secret_value, secret_size); + if (secret_str) + memset(secret_str, 0, secret_size); virObjectUnref(conn); return ret; } --=20 2.29.2 From nobody Mon May 20 01:26:33 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) client-ip=216.205.24.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1612186773; cv=none; d=zohomail.com; s=zohoarc; b=YLYvjUtHr7gvNZdfqyU2WmA243coRntDYksiiyTuoaCRKdYwbvvqRyExWhnEx14gT2LD9AWxOhI4DQTE50gV3dAjZJS4MhIZbZWGjfzm+/cd6MLB0pNw32s4DM4sO4P4XRf8bJIZZ7FQzGvWG/guP0c6oHPJoJ1QrzwgPor24js= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1612186773; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=zbBNbI//gQ4U+XFFjXGv7fw7L/MCkRAl1A4+Y1WW9mU=; b=SlrF4QSRD2xOJBu1uph0H9PZisGVy3h5lXOBMCh4p62Q+y9Z3PtmVeKr2LZUqfipbwaVT/OewfuL9cZiCroEoDpndbcU4wkQqFAWnpYGFcczVqr5kPu9lRuzs4pq9u1iUIDRzkhYiZCl6jIMoZ+7rHJ70ybKtXTYl2U3vnlfQo4= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [216.205.24.124]) by mx.zohomail.com with SMTPS id 1612186773822886.1253350157031; Mon, 1 Feb 2021 05:39:33 -0800 (PST) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-537-APQUO4ZPPmSsnOV_Pz2MCg-1; Mon, 01 Feb 2021 08:39:30 -0500 Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 7C22FCC627; Mon, 1 Feb 2021 13:39:23 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 59D9A39A64; Mon, 1 Feb 2021 13:39:23 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 235A45003B; Mon, 1 Feb 2021 13:39:23 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 111DdFsi023376 for ; Mon, 1 Feb 2021 08:39:15 -0500 Received: by smtp.corp.redhat.com (Postfix) id 61F3960C68; Mon, 1 Feb 2021 13:39:15 +0000 (UTC) Received: from speedmetal.lan (unknown [10.40.208.53]) by smtp.corp.redhat.com (Postfix) with ESMTP id B467D60C66 for ; Mon, 1 Feb 2021 13:39:14 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1612186772; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=zbBNbI//gQ4U+XFFjXGv7fw7L/MCkRAl1A4+Y1WW9mU=; b=few39oBFEijdFgRfhwCSgHlz0RTETOBDaWVzcSDSb6invRr9Xmwpy/rxRriqgzekHedb0Z gKe85Hs9ZFJPGY2+K/1MGdR1EBAHU95vlqd4UpqX4X0NXNIO6ugsMMT7TgTJGHcU+2QYpE mD2GU3iOjyZzxKoiagq8OAz8RgfLiB4= X-MC-Unique: APQUO4ZPPmSsnOV_Pz2MCg-1 From: Peter Krempa To: libvir-list@redhat.com Subject: [PATCH 04/14] libxlMakeNetworkDiskSrc: Avoid use of VIR_DISPOSE_N Date: Mon, 1 Feb 2021 14:38:56 +0100 Message-Id: <84c9c83d91a0d51d3032beacf598c8423fb9c60f.1612186636.git.pkrempa@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 X-loop: libvir-list@redhat.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" Clear the secret right after use with memset. Signed-off-by: Peter Krempa --- src/libxl/libxl_conf.c | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) diff --git a/src/libxl/libxl_conf.c b/src/libxl/libxl_conf.c index cb1fd7df7d..b2fcb21324 100644 --- a/src/libxl/libxl_conf.c +++ b/src/libxl/libxl_conf.c @@ -998,14 +998,15 @@ static int libxlMakeNetworkDiskSrc(virStorageSourcePtr src, char **srcstr) { virConnectPtr conn =3D NULL; - uint8_t *secret =3D NULL; VIR_AUTODISPOSE_STR base64secret =3D NULL; - size_t secretlen =3D 0; char *username =3D NULL; int ret =3D -1; *srcstr =3D NULL; if (src->auth && src->protocol =3D=3D VIR_STORAGE_NET_PROTOCOL_RBD) { + g_autofree uint8_t *secret =3D NULL; + size_t secretlen =3D 0; + username =3D src->auth->username; if (!(conn =3D virConnectOpen("xen:///system"))) goto cleanup; @@ -1017,6 +1018,7 @@ libxlMakeNetworkDiskSrc(virStorageSourcePtr src, char= **srcstr) /* RBD expects an encoded secret */ base64secret =3D g_base64_encode(secret, secretlen); + memset(secret, 0, secretlen); } if (!(*srcstr =3D libxlMakeNetworkDiskSrcStr(src, username, base64secr= et))) @@ -1025,7 +1027,6 @@ libxlMakeNetworkDiskSrc(virStorageSourcePtr src, char= **srcstr) ret =3D 0; cleanup: - VIR_DISPOSE_N(secret, secretlen); virObjectUnref(conn); return ret; } --=20 2.29.2 From nobody Mon May 20 01:26:33 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 63.128.21.124 as permitted sender) client-ip=63.128.21.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 63.128.21.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1612186776; cv=none; d=zohomail.com; s=zohoarc; b=FSN85fks6WSrGa97AEI+WlDcupUnYsVoN7sz7kaUgIfK3hWEgq+5UeVd+lty1bCdj4qWhj2xXgi9bvhn42MpGeO1qmqMQZ0oa2arV3ggeGlOWEvK6fe11Tocd4+gjjKaGqAgYFDgWWbvP4ZfvDf8jBHV+bvI79m9G9fw0vnPr1s= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1612186776; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=nDvBmCwhIM7K7rGLABqa7+gchn/yPOAcpkmL7NigqA8=; b=M7x+iUKzNTRk7mJzrBAhfyOs+oL83HtGGBd/VXRHqo0x8QjkqT273F7dz9JCxjf+nFkO89OUR2i66Q3nlkYZse/sYT22n64nRSY7ssNeGeo+Qd//omkNnNWD8YFdkfQeZ8F0I9CXAaGoB5f1OlKC2SSE4yuo//fxBj1KvLXOwiw= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 63.128.21.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [63.128.21.124]) by mx.zohomail.com with SMTPS id 1612186776061244.68626536984402; Mon, 1 Feb 2021 05:39:36 -0800 (PST) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-374-QtcuUkPRMciAsD7JRBZqOQ-1; Mon, 01 Feb 2021 08:39:31 -0500 Received: from smtp.corp.redhat.com (int-mx04.intmail.prod.int.phx2.redhat.com [10.5.11.14]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 6C59559; Mon, 1 Feb 2021 13:39:26 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 145855DA2E; Mon, 1 Feb 2021 13:39:26 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id CF4041809CA1; Mon, 1 Feb 2021 13:39:25 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 111DdIAX023402 for ; Mon, 1 Feb 2021 08:39:18 -0500 Received: by smtp.corp.redhat.com (Postfix) id 7AB6060C66; Mon, 1 Feb 2021 13:39:18 +0000 (UTC) Received: from speedmetal.lan (unknown [10.40.208.53]) by smtp.corp.redhat.com (Postfix) with ESMTP id D969D60C68 for ; Mon, 1 Feb 2021 13:39:15 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1612186775; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=nDvBmCwhIM7K7rGLABqa7+gchn/yPOAcpkmL7NigqA8=; b=TNQsJP0OpPLSKB1uRBRurCPvhDqHU7ELf3+BVQftG7VNtSSFsr6+oKhDJHBMLJpR7yXc4Z g+reXz5dB/sGznq3vF5y2/+Y4XwibAceg4l2E7R8G61uB0dkAeNmf+mQB8r+xJFbBtHOJi CeMOy2feVMFWnwnnxVUSc05dTcHYrQ4= X-MC-Unique: QtcuUkPRMciAsD7JRBZqOQ-1 From: Peter Krempa To: libvir-list@redhat.com Subject: [PATCH 05/14] qemuDomainMasterKeyCreate: Don't use VIR_DISPOSE_N on failure Date: Mon, 1 Feb 2021 14:38:57 +0100 Message-Id: <04b30d2bdebf2e9e2013496d9bbfa50124b5cfa0.1612186636.git.pkrempa@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 X-loop: libvir-list@redhat.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.14 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" When virRandomBytes fails we don't get any random bytes and even if we did they don't have to be treated as secret as they weren't used in any way. Add a temporary variable with automatic freeing for the secret buffer and assign it only on success. Signed-off-by: Peter Krempa --- src/qemu/qemu_domain.c | 11 ++++++----- 1 file changed, 6 insertions(+), 5 deletions(-) diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 0c078a9388..2c34307c82 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -562,18 +562,19 @@ int qemuDomainMasterKeyCreate(virDomainObjPtr vm) { qemuDomainObjPrivatePtr priv =3D vm->privateData; + g_autofree uint8_t *key =3D NULL; /* If we don't have the capability, then do nothing. */ if (!virQEMUCapsGet(priv->qemuCaps, QEMU_CAPS_OBJECT_SECRET)) return 0; - priv->masterKey =3D g_new0(uint8_t, QEMU_DOMAIN_MASTER_KEY_LEN); - priv->masterKeyLen =3D QEMU_DOMAIN_MASTER_KEY_LEN; + key =3D g_new0(uint8_t, QEMU_DOMAIN_MASTER_KEY_LEN); - if (virRandomBytes(priv->masterKey, priv->masterKeyLen) < 0) { - VIR_DISPOSE_N(priv->masterKey, priv->masterKeyLen); + if (virRandomBytes(key, QEMU_DOMAIN_MASTER_KEY_LEN) < 0) return -1; - } + + priv->masterKey =3D g_steal_pointer(&key); + priv->masterKeyLen =3D QEMU_DOMAIN_MASTER_KEY_LEN; return 0; } --=20 2.29.2 From nobody Mon May 20 01:26:33 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) client-ip=216.205.24.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1612186869; cv=none; d=zohomail.com; s=zohoarc; b=hSv9SzE4ryuYUOhyrIHZjVn6SKbOObPH6GTsw/YYua/IAMyv4iFuZmAe6H5suxQKlsPUDGz8BmJ4/eJpPq9SdROQvMFK6F8FLBhWg97UdwHoTt/0ZE7w8G0oWiSODg1RMkrcVEfnjrzZEsMaEnNG7Lg6pmPaFam+1lKpOejQLOg= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1612186869; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=Ao7GOx39BZ+8YPvDDZgYRb+4GN2WV3OgksFPqONUgXY=; b=h5U00vkNWk6Uh/6UGj0xcKZ3rQA9KQ8Teh0Axp+ot7W+dzbN/PQ4GUeDAYs3CE7gr4rvGnJv0HhwQj5Lg+9qG2OB9/4vuQvnwIH8AMVX8UkszT7vPM2kAN08hAj3XtgaUUEXfDuJlRlhRkoHWiAxiYr+0WylI1U/REwYM0hj7DA= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [216.205.24.124]) by mx.zohomail.com with SMTPS id 1612186869447186.223219426593; Mon, 1 Feb 2021 05:41:09 -0800 (PST) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-559-Ml7RXHQbMnymO63YRfxYhA-1; Mon, 01 Feb 2021 08:39:30 -0500 Received: from smtp.corp.redhat.com (int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 222EE800D53; Mon, 1 Feb 2021 13:39:25 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id F3F7A39A66; Mon, 1 Feb 2021 13:39:24 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id BDBD55003F; Mon, 1 Feb 2021 13:39:24 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 111DdJIu023411 for ; Mon, 1 Feb 2021 08:39:19 -0500 Received: by smtp.corp.redhat.com (Postfix) id 9005F60C68; Mon, 1 Feb 2021 13:39:19 +0000 (UTC) Received: from speedmetal.lan (unknown [10.40.208.53]) by smtp.corp.redhat.com (Postfix) with ESMTP id EF63360C66 for ; Mon, 1 Feb 2021 13:39:18 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1612186868; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=Ao7GOx39BZ+8YPvDDZgYRb+4GN2WV3OgksFPqONUgXY=; b=REdi/pnON0/vUBNEmkBRukO3FCMzZxdHD3hXYpepmCU7uq6hdXr9SjFjX2SAg2Lh75jLUn OssqP5ufw3xzk7NbVaeSUmsdL7ZYRJAD86EW1SrHjeGauQYa++y7TpN55MYL7f4idBaPk1 SeOwJ0uWRH4BmDkC7CNo89D5o2pizL8= X-MC-Unique: Ml7RXHQbMnymO63YRfxYhA-1 From: Peter Krempa To: libvir-list@redhat.com Subject: [PATCH 06/14] qemu: domain: Use memset for clearing secrets instead of VIR_DISPOSE_N Date: Mon, 1 Feb 2021 14:38:58 +0100 Message-Id: <31097c61a4ec7d1b77c61604b69c8b783f7d8da1.1612186636.git.pkrempa@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 X-loop: libvir-list@redhat.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" Phase out use of VIR_DISPOSE_N from the qemu driver. Use memset in the appropriate cases. Signed-off-by: Peter Krempa --- src/qemu/qemu_domain.c | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/src/qemu/qemu_domain.c b/src/qemu/qemu_domain.c index 2c34307c82..7f3f704bf4 100644 --- a/src/qemu/qemu_domain.c +++ b/src/qemu/qemu_domain.c @@ -443,7 +443,10 @@ qemuDomainMasterKeyFree(qemuDomainObjPrivatePtr priv) if (!priv->masterKey) return; - VIR_DISPOSE_N(priv->masterKey, priv->masterKeyLen); + if (priv->masterKey) { + memset(priv->masterKey, 0, priv->masterKeyLen); + g_clear_pointer(&priv->masterKey, g_free); + } } /* qemuDomainMasterKeyReadFile: @@ -584,7 +587,10 @@ static void qemuDomainSecretPlainClear(qemuDomainSecretPlainPtr secret) { VIR_FREE(secret->username); - VIR_DISPOSE_N(secret->secret, secret->secretlen); + if (secret->secret) { + memset(secret->secret, 0, secret->secretlen); + g_clear_pointer(&secret->secret, g_free); + } } @@ -1143,7 +1149,8 @@ qemuDomainSecretAESSetupFromSecret(qemuDomainObjPriva= tePtr priv, secinfo =3D qemuDomainSecretAESSetup(priv, alias, username, secret, se= cretlen); - VIR_DISPOSE_N(secret, secretlen); + memset(secret, 0, secretlen); + g_free(secret); return secinfo; } --=20 2.29.2 From nobody Mon May 20 01:26:33 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) client-ip=216.205.24.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1612186777; cv=none; d=zohomail.com; s=zohoarc; b=kbJwh8lUIt4L1XIwDxMmlPAh76Yt6geidL5skCz0zcm6KVfhXXm4225GPc70CFuYM3rZDebWTEkLXAGaoUJksLjYhdhsODU0xwuBrOxuMXHXMWu6g7fXtRnJckj19sSftbTU0rFuM0+t/Kc/tYFyyV9YlJkV5dcESZ1aI7PNwNA= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1612186777; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=R4rwiMdFXr7UYxZURDFo4AyF5SexOi7Kk9T8OmFFtTY=; b=ZaTfc8i97w9nc+sTuNjYeSStj1r1//c/LJ1HJR3A7xDMZqsKtKpeGdj7LRRg1VyDs6lMCXtfvzBr+ynOOW13+f+AAlAUUw01gLvMl7RtlQ40VrzweCkcsFk2B845R67+MFutzSm6zDbzKusty2huosQ0mdZysDGNkhNQKgfKkNc= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [216.205.24.124]) by mx.zohomail.com with SMTPS id 1612186777355516.9539850454005; Mon, 1 Feb 2021 05:39:37 -0800 (PST) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-201-woBu_MhUPD2ITQY354cc8g-1; Mon, 01 Feb 2021 08:39:34 -0500 Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 1B98584A5F0; Mon, 1 Feb 2021 13:39:28 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id E7913E145; Mon, 1 Feb 2021 13:39:27 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id ACEF81809CA5; Mon, 1 Feb 2021 13:39:27 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 111DdKok023425 for ; Mon, 1 Feb 2021 08:39:20 -0500 Received: by smtp.corp.redhat.com (Postfix) id 9CD7860C68; Mon, 1 Feb 2021 13:39:20 +0000 (UTC) Received: from speedmetal.lan (unknown [10.40.208.53]) by smtp.corp.redhat.com (Postfix) with ESMTP id F0A8460C66 for ; Mon, 1 Feb 2021 13:39:19 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1612186776; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=R4rwiMdFXr7UYxZURDFo4AyF5SexOi7Kk9T8OmFFtTY=; b=BKeHYJSN6ZE7CxndODzeGjBItfADtdFVG+x+uN3MSmNzkOAWENALz3qxMCwP8p8fF3GLcS cUGB86ilKxDxb81z3BuYx6GIeFGPlpB1IkArDfrmqWgLseJR9XT1VtW2HRbf/oiAFjIJSa IVSjIpPvK2Sf1rNNta4XBxIMNQ3AS5g= X-MC-Unique: woBu_MhUPD2ITQY354cc8g-1 From: Peter Krempa To: libvir-list@redhat.com Subject: [PATCH 07/14] cmdSecretSetValue: Make it obvious that --file, --base64 and --interactive are exlcusive Date: Mon, 1 Feb 2021 14:38:59 +0100 Message-Id: <8f7541fc90f224f407bfebf29c54b9494ba1f96b.1612186636.git.pkrempa@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 X-loop: libvir-list@redhat.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" Convert the conditions to else if so that it's obvious that only one of the cases will ever be used. Signed-off-by: Peter Krempa --- tools/virsh-secret.c | 19 +++++++------------ 1 file changed, 7 insertions(+), 12 deletions(-) diff --git a/tools/virsh-secret.c b/tools/virsh-secret.c index 16accc8ad2..5d656151e8 100644 --- a/tools/virsh-secret.c +++ b/tools/virsh-secret.c @@ -225,16 +225,10 @@ cmdSecretSetValue(vshControl *ctl, const vshCmd *cmd) if (vshCommandOptStringReq(ctl, cmd, "file", &filename) < 0) return false; - if (!base64 && !filename && !interactive) { - vshError(ctl, _("Input secret value is missing")); - return false; - } - - /* warn users that the --base64 option passed from command line is wro= ng */ - if (base64) + if (base64) { + /* warn users that the --base64 option passed from command line is= wrong */ vshError(ctl, _("Passing secret value as command-line argument is = insecure!")); - - if (filename) { + } else if (filename) { ssize_t read_ret; if ((read_ret =3D virFileReadAll(filename, 1024, &file_buf)) < 0) { vshSaveLibvirtError(); @@ -243,9 +237,7 @@ cmdSecretSetValue(vshControl *ctl, const vshCmd *cmd) file_len =3D read_ret; base64 =3D file_buf; - } - - if (interactive) { + } else if (interactive) { vshPrint(ctl, "%s", _("Enter new value for secret:")); fflush(stdout); @@ -255,6 +247,9 @@ cmdSecretSetValue(vshControl *ctl, const vshCmd *cmd) } file_len =3D strlen(file_buf); plain =3D true; + } else { + vshError(ctl, _("Input secret value is missing")); + return false; } if (plain) { --=20 2.29.2 From nobody Mon May 20 01:26:33 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) client-ip=216.205.24.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1612187009; cv=none; d=zohomail.com; s=zohoarc; b=B03lSLfdTLsm8fkU7ZxGdVzbR2XZd7AWidduZUwzsJhl8CoGLzLPbmVBiQfNvEh3x7y0NuX2GcbStn+vQEaMGGFfNS5ICgULw1aULRLw0l9zI693mWi8a8VzAcYDLee3hafZw0E1IYttC8FqDxFLCF6d7eNHPKX+0WW8OcecQe4= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1612187009; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=iFbMjKhYA5AY9q4kHAim48q6IHyZbkrdC5O8xO7fw6E=; b=BHv6DYiE6WPjDYg5xFfjXAVQmKSLjPJfPzVr9O+mf3TbNdvWqZWvxuWyjLQzj/WV7Y/nhouXhMhLwK4g09zCZxxwR/MD7Ht44xORgXQgHkinVKKB3Q+XayFW4YGJasTID1h6nCyz/HdU9yfuS6MbR5vj70JOi7FryALqVL0Heys= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [216.205.24.124]) by mx.zohomail.com with SMTPS id 1612187009060980.3488279855817; Mon, 1 Feb 2021 05:43:29 -0800 (PST) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-423-Zn3QEpnNPhqT42P22R3wZQ-1; Mon, 01 Feb 2021 08:43:24 -0500 Received: from smtp.corp.redhat.com (int-mx07.intmail.prod.int.phx2.redhat.com [10.5.11.22]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id ADA6D801AB6; Mon, 1 Feb 2021 13:43:17 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 861ED10016F9; Mon, 1 Feb 2021 13:43:17 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 2A054180954D; Mon, 1 Feb 2021 13:43:17 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 111DdLtu023479 for ; Mon, 1 Feb 2021 08:39:21 -0500 Received: by smtp.corp.redhat.com (Postfix) id B399760C68; Mon, 1 Feb 2021 13:39:21 +0000 (UTC) Received: from speedmetal.lan (unknown [10.40.208.53]) by smtp.corp.redhat.com (Postfix) with ESMTP id 0D41660C66 for ; Mon, 1 Feb 2021 13:39:20 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1612187007; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=iFbMjKhYA5AY9q4kHAim48q6IHyZbkrdC5O8xO7fw6E=; b=R8uYp5BYICm4cc+xIxjK/1SgwYokPJCPka07v9b/szgnJek0E6+bFfdrUZwhKUNSHTUhnZ ljWlAm9TlFEdvwhli5hwemn9/AhuOrg0PtnercHhuoMigncAV1F/3ZtlagTujQOkc6vX+K VUB/wQW2QL1Ac0By7deEXWKNKPw6YvA= X-MC-Unique: Zn3QEpnNPhqT42P22R3wZQ-1 From: Peter Krempa To: libvir-list@redhat.com Subject: [PATCH 08/14] virsh: cmdSecretSetValue: Rework handling of the secret value Date: Mon, 1 Feb 2021 14:39:00 +0100 Message-Id: <8e0ba230bd50b6fce51d5229ad003e4abbc12998.1612186636.git.pkrempa@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 X-loop: libvir-list@redhat.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.84 on 10.5.11.22 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" Use a single buffer for the secret to make it easier to follow it's lifecycle. For base64 decoding use a local temporary buffer which will be cleared right away. This also uses memset for clearing the bufer instead of VIR_DISPOSE_N which is being phased out. Signed-off-by: Peter Krempa --- tools/virsh-secret.c | 34 ++++++++++++++++------------------ 1 file changed, 16 insertions(+), 18 deletions(-) diff --git a/tools/virsh-secret.c b/tools/virsh-secret.c index 5d656151e8..23bbd61698 100644 --- a/tools/virsh-secret.c +++ b/tools/virsh-secret.c @@ -202,10 +202,8 @@ cmdSecretSetValue(vshControl *ctl, const vshCmd *cmd) g_autoptr(virshSecret) secret =3D NULL; const char *base64 =3D NULL; const char *filename =3D NULL; - char *file_buf =3D NULL; - size_t file_len =3D 0; - unsigned char *value; - size_t value_size; + g_autofree char *secret_val =3D NULL; + size_t secret_len =3D 0; bool plain =3D vshCommandOptBool(cmd, "plain"); bool interactive =3D vshCommandOptBool(cmd, "interactive"); int res; @@ -228,41 +226,41 @@ cmdSecretSetValue(vshControl *ctl, const vshCmd *cmd) if (base64) { /* warn users that the --base64 option passed from command line is= wrong */ vshError(ctl, _("Passing secret value as command-line argument is = insecure!")); + secret_val =3D g_strdup(base64); + secret_len =3D strlen(secret_val); } else if (filename) { ssize_t read_ret; - if ((read_ret =3D virFileReadAll(filename, 1024, &file_buf)) < 0) { + if ((read_ret =3D virFileReadAll(filename, 1024, &secret_val)) < 0= ) { vshSaveLibvirtError(); return false; } - file_len =3D read_ret; - base64 =3D file_buf; + secret_len =3D read_ret; } else if (interactive) { vshPrint(ctl, "%s", _("Enter new value for secret:")); fflush(stdout); - if (!(file_buf =3D virGetPassword())) { + if (!(secret_val =3D virGetPassword())) { vshError(ctl, "%s", _("Failed to read secret")); return false; } - file_len =3D strlen(file_buf); + secret_len =3D strlen(secret_val); plain =3D true; } else { vshError(ctl, _("Input secret value is missing")); return false; } - if (plain) { - value =3D g_steal_pointer(&file_buf); - value_size =3D file_len; - file_len =3D 0; - } else { - value =3D g_base64_decode(base64, &value_size); + if (!plain) { + g_autofree char *tmp =3D g_steal_pointer(&secret_val); + size_t tmp_len =3D secret_len; + + secret_val =3D (char *) g_base64_decode(tmp, &secret_len); + memset(tmp, 0, tmp_len); } - res =3D virSecretSetValue(secret, value, value_size, 0); - VIR_DISPOSE_N(value, value_size); - VIR_DISPOSE_N(file_buf, file_len); + res =3D virSecretSetValue(secret, (unsigned char *) secret_val, secret= _len, 0); + memset(secret_val, 0, secret_len); if (res !=3D 0) { vshError(ctl, "%s", _("Failed to set secret value")); --=20 2.29.2 From nobody Mon May 20 01:26:33 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 63.128.21.124 as permitted sender) client-ip=63.128.21.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 63.128.21.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1612186777; cv=none; d=zohomail.com; s=zohoarc; b=ctl8LCXG66sfuQz8iU9GFKC/rc0myayY29NBQqBjPb+DE4yu7v1s+yabdBZYuaxGMtNrlYgAH8f1cRwdSs0PsQfkmyNMF/ppy1BRfEYEj8BB+Uub2ANH54KkK1lHzpO8+FRkc9wcmuO/7nSBb5rFJp823H/PckmYLsNkvflfUv4= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1612186777; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=ZE9hds2RA4IS8xDQl/I7y7ayGnDs7RrK/f7AEUGRDn8=; b=F0tTP98XeQ6N+kLEOcSkKAYdkaLIaTJETBJOPcfFeiWpqD8fT7fZemv2HM+F0PQlVbaVN/hMvjTAE6JO/G8RpZmEqdaBddmZ8fz6APg559ZDQHusOSFSI2tOGxDV3G8FDPj2XSDI8zAzbl0R9+dYTt71J65NVRLw7fP3WaknV2E= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 63.128.21.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [63.128.21.124]) by mx.zohomail.com with SMTPS id 1612186777779295.6118084385839; Mon, 1 Feb 2021 05:39:37 -0800 (PST) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-340-QPMgXAqBMgeFzYyzYuB5_w-1; Mon, 01 Feb 2021 08:39:34 -0500 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 1CA631005D5A; Mon, 1 Feb 2021 13:39:29 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id F01EA50DE6; Mon, 1 Feb 2021 13:39:28 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id B8E5050041; Mon, 1 Feb 2021 13:39:28 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 111DdM56023494 for ; Mon, 1 Feb 2021 08:39:22 -0500 Received: by smtp.corp.redhat.com (Postfix) id BE57E60C68; Mon, 1 Feb 2021 13:39:22 +0000 (UTC) Received: from speedmetal.lan (unknown [10.40.208.53]) by smtp.corp.redhat.com (Postfix) with ESMTP id 2326B60C66 for ; Mon, 1 Feb 2021 13:39:21 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1612186776; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=ZE9hds2RA4IS8xDQl/I7y7ayGnDs7RrK/f7AEUGRDn8=; b=V47+h5R4WsVtKxa+1b9lP9UtXkdc4cnD9QTxl2qOd/vt7kjGs3efmMcuUpNKGrYLERf+8n E5lV6g1W8fcv19EcrhQz3+vmCp9ujFuX/PefsFXDajQ8xJZ9oE3q5WBAEGsH2PuteRG4dj H7UBbxAJ/0VKDF/dcO25IKxSal2Ugdc= X-MC-Unique: QPMgXAqBMgeFzYyzYuB5_w-1 From: Peter Krempa To: libvir-list@redhat.com Subject: [PATCH 09/14] virsh: cmdSecretGetValue: Use memset instead of VIR_DISPOSE_N Date: Mon, 1 Feb 2021 14:39:01 +0100 Message-Id: <5eba53a7f6b7a6f379e1378cf57341469b2f5bb1.1612186636.git.pkrempa@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 X-loop: libvir-list@redhat.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" Switch the secret value to 'g_autofree' for handling of the memory and clear it out using memset. Signed-off-by: Peter Krempa --- tools/virsh-secret.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/tools/virsh-secret.c b/tools/virsh-secret.c index 23bbd61698..252219c075 100644 --- a/tools/virsh-secret.c +++ b/tools/virsh-secret.c @@ -302,7 +302,7 @@ cmdSecretGetValue(vshControl *ctl, const vshCmd *cmd) { g_autoptr(virshSecret) secret =3D NULL; VIR_AUTODISPOSE_STR base64 =3D NULL; - unsigned char *value; + g_autofree unsigned char *value =3D NULL; size_t value_size; bool plain =3D vshCommandOptBool(cmd, "plain"); @@ -314,7 +314,7 @@ cmdSecretGetValue(vshControl *ctl, const vshCmd *cmd) if (plain) { if (fwrite(value, 1, value_size, stdout) !=3D value_size) { - VIR_DISPOSE_N(value, value_size); + memset(value, 0, value_size); vshError(ctl, "failed to write secret"); return false; } @@ -324,7 +324,7 @@ cmdSecretGetValue(vshControl *ctl, const vshCmd *cmd) vshPrint(ctl, "%s", base64); } - VIR_DISPOSE_N(value, value_size); + memset(value, 0, value_size); return true; } --=20 2.29.2 From nobody Mon May 20 01:26:33 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) client-ip=216.205.24.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1612187010; cv=none; d=zohomail.com; s=zohoarc; b=GzqfjE8DFXbNE7EApvgv78dbxWkT7OlZp4TYDTuSdzbuMCFx1GeSI7EUWxBQ3y69WkJd/wUtq73Qedbe2BwkzM6DPGJgrtTqKF0hy0+0RbjpoUkOCUioZ6Nwh1qvR5G81P2sYP+ckyyQUGr1RvHGbXHZHN6UlJjiPU3SFJ+6Uh0= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1612187010; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=gqsCp9GpDsgROGH/d1c0zbTuAbJ8f/lyXWGQyU421MY=; b=dyfBibxa9k+XveBLJbpsjmi7/M7ZFpo+P0diXpDC99tHs6gappOKIqSdSislhVO7uGSWv6eBFuCMylZqeqbeD8YEjnkG0CD8aeslOhZwgOFyRuYK2dT2wLHbUexEECTDfaJLwmf9gatZkCj64LG/7hz1/QSPvztlzIacNoq+Rrg= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [216.205.24.124]) by mx.zohomail.com with SMTPS id 161218701013120.085417135139437; Mon, 1 Feb 2021 05:43:30 -0800 (PST) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-365-FgJXDXRRMfO6cOL7tHQ2AQ-1; Mon, 01 Feb 2021 08:43:27 -0500 Received: from smtp.corp.redhat.com (int-mx05.intmail.prod.int.phx2.redhat.com [10.5.11.15]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 500E01926DAF; Mon, 1 Feb 2021 13:43:21 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 2F1DD2CFAA; Mon, 1 Feb 2021 13:43:21 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id E3C001809CA2; Mon, 1 Feb 2021 13:43:20 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 111DdQBe023517 for ; Mon, 1 Feb 2021 08:39:26 -0500 Received: by smtp.corp.redhat.com (Postfix) id 96B9060C66; Mon, 1 Feb 2021 13:39:26 +0000 (UTC) Received: from speedmetal.lan (unknown [10.40.208.53]) by smtp.corp.redhat.com (Postfix) with ESMTP id E223760C69 for ; Mon, 1 Feb 2021 13:39:23 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1612187009; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=gqsCp9GpDsgROGH/d1c0zbTuAbJ8f/lyXWGQyU421MY=; b=M9MkZxw24aLshc07QuEGfUIRNYBAiufu8qz5BQb/he+By0cszE7arLvj9kT4+YLgz5k8zR PsEbLjHok83vSuA5pfI9OmTGA9ymyyP5ftVt9Mh6xNd11UJp66jIp5uosU/NH6PLAnqols 0lIeG1w39Z0rmX7Bd3O2bfTTinyVvNQ= X-MC-Unique: FgJXDXRRMfO6cOL7tHQ2AQ-1 From: Peter Krempa To: libvir-list@redhat.com Subject: [PATCH 10/14] virStorageBackendRBDOpenRADOSConn: Use memset instead of VIR_DISPOSE_N Date: Mon, 1 Feb 2021 14:39:02 +0100 Message-Id: <203114ee0d0261058c751b0d0825960cb06d0395.1612186636.git.pkrempa@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 X-loop: libvir-list@redhat.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.15 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" Switch the secret value to 'g_autofree' for handling of the memory and clear it out using memset. Signed-off-by: Peter Krempa --- src/storage/storage_backend_rbd.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/src/storage/storage_backend_rbd.c b/src/storage/storage_backen= d_rbd.c index 22f5c78591..5af6136c4a 100644 --- a/src/storage/storage_backend_rbd.c +++ b/src/storage/storage_backend_rbd.c @@ -185,7 +185,7 @@ virStorageBackendRBDOpenRADOSConn(virStorageBackendRBDS= tatePtr ptr, int ret =3D -1; virStoragePoolSourcePtr source =3D &def->source; virStorageAuthDefPtr authdef =3D source->auth; - unsigned char *secret_value =3D NULL; + g_autofree unsigned char *secret_value =3D NULL; size_t secret_value_size =3D 0; VIR_AUTODISPOSE_STR rados_key =3D NULL; g_auto(virBuffer) mon_host =3D VIR_BUFFER_INITIALIZER; @@ -215,6 +215,7 @@ virStorageBackendRBDOpenRADOSConn(virStorageBackendRBDS= tatePtr ptr, goto cleanup; rados_key =3D g_base64_encode(secret_value, secret_value_size); + memset(secret_value, 0, secret_value_size); if (virStorageBackendRBDRADOSConfSet(ptr->cluster, "key", rados_key) < 0) @@ -325,8 +326,6 @@ virStorageBackendRBDOpenRADOSConn(virStorageBackendRBDS= tatePtr ptr, ret =3D 0; cleanup: - VIR_DISPOSE_N(secret_value, secret_value_size); - virObjectUnref(conn); return ret; } --=20 2.29.2 From nobody Mon May 20 01:26:33 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 63.128.21.124 as permitted sender) client-ip=63.128.21.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 63.128.21.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1612186780; cv=none; d=zohomail.com; s=zohoarc; b=egelUm1DyCIlHpfWJ98/TLCZolc3QdqGunVeVuoqkb+cVLXQ20D/wnM+s/eYuhxC8O+UpkXz8GWSOHHiTjvl9mba/Z/74dqprDbAaTpNFYmm9KxBPPyukCUSbZCLHCdmP2PP4RxeaEwX9TnYjqrlMfApeskBJgVDp8NspMKZ3Cc= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1612186780; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=C0Sw6NvMpNn/CtbX0f+Wp8+HtpcOBxaPvNSeeJKxfo8=; b=PHQxqYVcWEVPrVMGmHnC3El1fxtLf3sSua+rhVmilZwHJBMvsTDyLbd5/78W6fr5wOrYPqHfdDh90GjFF3336qJlw6VEPQjeU23NxewYj/cAFJKdgpJDuIahLHiapHkiRFJfyq2ifZiGDqfps4libiGd2oRgobj9iI3OghjKpsU= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 63.128.21.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [63.128.21.124]) by mx.zohomail.com with SMTPS id 1612186780139627.7061190327287; Mon, 1 Feb 2021 05:39:40 -0800 (PST) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-210-R5TAXbM1PD2SnTsBuQyFZw-1; Mon, 01 Feb 2021 08:39:36 -0500 Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 6B94CCC623; Mon, 1 Feb 2021 13:39:31 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 45A5160C68; Mon, 1 Feb 2021 13:39:31 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id 0DB2050044; Mon, 1 Feb 2021 13:39:31 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 111DdUe9023549 for ; Mon, 1 Feb 2021 08:39:30 -0500 Received: by smtp.corp.redhat.com (Postfix) id 8B9A360C6A; Mon, 1 Feb 2021 13:39:30 +0000 (UTC) Received: from speedmetal.lan (unknown [10.40.208.53]) by smtp.corp.redhat.com (Postfix) with ESMTP id E4C1960C66 for ; Mon, 1 Feb 2021 13:39:26 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1612186779; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=C0Sw6NvMpNn/CtbX0f+Wp8+HtpcOBxaPvNSeeJKxfo8=; b=E1VsF7pyn4dZ7Y2ooptgH+VhYQvDGSJW/bAIvbe9nPjAe2soORnJ/6u3DyJSxnDVAr+414 M/vXGYApMT8fU9MwRupscdNfoCxBIP35djAdBK96wufG+NGrN3W6+V4pYkPnVAWEgoJSLM fmcrivXROH7QfZaFF5Spf2u0AnMNn8o= X-MC-Unique: R5TAXbM1PD2SnTsBuQyFZw-1 From: Peter Krempa To: libvir-list@redhat.com Subject: [PATCH 11/14] virCryptoEncryptDataAESgnutls: Use memset instead of VIR_DISPOSE_N Date: Mon, 1 Feb 2021 14:39:03 +0100 Message-Id: In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 X-loop: libvir-list@redhat.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" Clear out the value using an explicit memset and free it with g_free so that VIR_DISPOSE_N can be phased out. Signed-off-by: Peter Krempa --- src/util/vircrypto.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/src/util/vircrypto.c b/src/util/vircrypto.c index c4874550af..82281a070a 100644 --- a/src/util/vircrypto.c +++ b/src/util/vircrypto.c @@ -206,7 +206,8 @@ virCryptoEncryptDataAESgnutls(gnutls_cipher_algorithm_t= gnutls_enc_alg, return 0; error: - VIR_DISPOSE_N(ciphertext, ciphertextlen); + memset(ciphertext, 0, ciphertextlen); + g_free(ciphertext); memset(&enc_key, 0, sizeof(gnutls_datum_t)); memset(&iv_buf, 0, sizeof(gnutls_datum_t)); return -1; --=20 2.29.2 From nobody Mon May 20 01:26:33 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) client-ip=216.205.24.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1612186784; cv=none; d=zohomail.com; s=zohoarc; b=gQMnfr07kgslMdP89a4ZKASg2Ib33Ej89ZK8Bewsymd6MXWpR9V5unZmY9RBPF5VLQ3mK0Qb09QjURGdb9NSnnymw4tGNXlUNQKhdCfXfYOZt90IBvaSQih/E7PppL8yBEwRtKlSBjNxR/XWsTJFJzDb02dyXN2x3RZ94m7RkHY= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1612186784; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=UP0qEjoYsVCg/kScBK6+qZPcb6+maCwdBHc3d8nQ1Ok=; b=TqhFwTQtsiDyg17QGPfCfRE7w019o8n3ObPDULkoY4YiHT4sdcJOOTKIvpPIApCwMHWZ1eRuDHSkmCGjEunxmM6QRkJZmyUD4bpHkwYHSHDm2V00FqdhVNy8t2H0JbN0XJmyMjVdrEPyrVzFUkHT7M46j4BldzoCCML+TVleLDY= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [216.205.24.124]) by mx.zohomail.com with SMTPS id 1612186784124776.1831257277719; Mon, 1 Feb 2021 05:39:44 -0800 (PST) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-79-w8215WvAOaGd-ny6IT5cxw-1; Mon, 01 Feb 2021 08:39:40 -0500 Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 40F3A84A5E3; Mon, 1 Feb 2021 13:39:34 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.20]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 16FD71975E; Mon, 1 Feb 2021 13:39:34 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id D2F1F1809CA8; Mon, 1 Feb 2021 13:39:33 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 111DdV8S023576 for ; Mon, 1 Feb 2021 08:39:31 -0500 Received: by smtp.corp.redhat.com (Postfix) id ABED560C69; Mon, 1 Feb 2021 13:39:31 +0000 (UTC) Received: from speedmetal.lan (unknown [10.40.208.53]) by smtp.corp.redhat.com (Postfix) with ESMTP id 05FA860C66 for ; Mon, 1 Feb 2021 13:39:30 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1612186783; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=UP0qEjoYsVCg/kScBK6+qZPcb6+maCwdBHc3d8nQ1Ok=; b=fCs08tpoD+tfQ2tgjNigRBIGU7IpAFvNqFjq28UP5QRdyf3/GcUYsKOvRuGmMoF5VyBAwk 3oJUwb9UAbW4WCJrE+ZTBlzXWIEjYOJ2ijfnCU6lHu5gSeNQLEIVnqZr0yxn+2AjJI9qKm pabsiXvaDTw2gh3Ud/CJGKiTUMHv8ec= X-MC-Unique: w8215WvAOaGd-ny6IT5cxw-1 From: Peter Krempa To: libvir-list@redhat.com Subject: [PATCH 12/14] storageBackendCreateQemuImgSecretPath: Use memset instead of VIR_DISPOSE_N Date: Mon, 1 Feb 2021 14:39:04 +0100 Message-Id: In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 X-loop: libvir-list@redhat.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" Clear out the value using an explicit memset and free it with g_free so that VIR_DISPOSE_N can be phased out. Signed-off-by: Peter Krempa --- src/storage/storage_util.c | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/src/storage/storage_util.c b/src/storage/storage_util.c index 3d8de16341..303ba5fa70 100644 --- a/src/storage/storage_util.c +++ b/src/storage/storage_util.c @@ -1314,7 +1314,10 @@ storageBackendCreateQemuImgSecretPath(virStoragePool= ObjPtr pool, cleanup: virObjectUnref(conn); - VIR_DISPOSE_N(secret, secretlen); + if (secret) { + memset(secret, 0, secretlen); + g_free(secret); + } return secretPath; --=20 2.29.2 From nobody Mon May 20 01:26:33 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) client-ip=216.205.24.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1612187013; cv=none; d=zohomail.com; s=zohoarc; b=BKsVQFp9HRfmsOIm2Xl6bJOxw/0sxlDUzxA9tn54dWVt8ShKNr4/uS+Bkb08CReOJvV8QZrtXIitkuZpjbXi2ASpgLUG7bj3CzNEJrxRV6PPkXlKOyQyGu2CsOGQq1RvAWECyj8BB5LvGXP+Z73p0yUK+n2Gg7mzDL4EQqDM9to= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1612187013; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=we28aF3xUCZKzj4r+oQUWGF3a5//Z602phOEy8Nl+dU=; b=WJMCr+xyHAuKw6ba/CxqcgqHLxjscTUPbXUlqkIQFOiYRAwhY+tCaoR/0U1HCgd5BFzjgvdElO291+yavLwHrzn2gO7Vu6K1hNIKqFaruzUu2gCRh0QUC8KjxO75RG5q12/TidufBmNz/Lv1vLF0iAXd+KDy+gGt+c1xtqxyxGo= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [216.205.24.124]) by mx.zohomail.com with SMTPS id 1612187013955802.1406164248376; Mon, 1 Feb 2021 05:43:33 -0800 (PST) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-31-rFMYnlcBOCCpMimUEtcDVg-1; Mon, 01 Feb 2021 08:43:30 -0500 Received: from smtp.corp.redhat.com (int-mx08.intmail.prod.int.phx2.redhat.com [10.5.11.23]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 4E707801AC0; Mon, 1 Feb 2021 13:43:24 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 1DFC81975E; Mon, 1 Feb 2021 13:43:24 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id D7CE450038; Mon, 1 Feb 2021 13:43:23 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 111DdW2a023599 for ; Mon, 1 Feb 2021 08:39:32 -0500 Received: by smtp.corp.redhat.com (Postfix) id DF0F960C69; Mon, 1 Feb 2021 13:39:32 +0000 (UTC) Received: from speedmetal.lan (unknown [10.40.208.53]) by smtp.corp.redhat.com (Postfix) with ESMTP id 35E6360C66 for ; Mon, 1 Feb 2021 13:39:31 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1612187013; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=we28aF3xUCZKzj4r+oQUWGF3a5//Z602phOEy8Nl+dU=; b=Cc2wDgE6BG6z4pbFGLYmRwDxCqir5fvt79M0+tFFpfKW8wkZI5vZ4Lidac4BmYrk+eKku9 iG0xasV6BqYt2wXOq7uB2uRmcLlVmwknyZG82E/yAaM+YS6/GowtUoDOcg0AUPONy9XN9J EMhtWDlgkz7+gQjPsPcY/LmvxgbOIh0= X-MC-Unique: rFMYnlcBOCCpMimUEtcDVg-1 From: Peter Krempa To: libvir-list@redhat.com Subject: [PATCH 13/14] tests: viralloc: Remove testDispose case Date: Mon, 1 Feb 2021 14:39:05 +0100 Message-Id: In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 X-loop: libvir-list@redhat.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.84 on 10.5.11.23 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" The VIR_DISPOSE* APIs will be phased out. Additionally the test isn't really doing useful work in ensuring that the values are indeed cleared thus there's no point in keeping it around. Signed-off-by: Peter Krempa --- tests/viralloctest.c | 34 ---------------------------------- 1 file changed, 34 deletions(-) diff --git a/tests/viralloctest.c b/tests/viralloctest.c index 8ea98b8eca..0867be8ce1 100644 --- a/tests/viralloctest.c +++ b/tests/viralloctest.c @@ -312,38 +312,6 @@ testInsertArray(const void *opaque G_GNUC_UNUSED) } -static int -testDispose(const void *opaque G_GNUC_UNUSED) -{ - int *num =3D NULL; - int *nums =3D NULL; - size_t nnums =3D 0; - char *str =3D NULL; - - VIR_DISPOSE(num); - VIR_DISPOSE_N(nums, nnums); - VIR_DISPOSE_STRING(str); - - nnums =3D 10; - VIR_DISPOSE_N(nums, nnums); - - num =3D g_new0(int, 1); - - VIR_DISPOSE(num); - - nnums =3D 10; - nums =3D g_new0(int, nnums); - - VIR_DISPOSE_N(nums, nnums); - - str =3D g_strdup("test"); - - VIR_DISPOSE_STRING(str); - - return 0; -} - - static int mymain(void) { @@ -357,8 +325,6 @@ mymain(void) ret =3D -1; if (virTestRun("insert array", testInsertArray, NULL) < 0) ret =3D -1; - if (virTestRun("dispose tests", testDispose, NULL) < 0) - ret =3D -1; return ret =3D=3D 0 ? EXIT_SUCCESS : EXIT_FAILURE; } --=20 2.29.2 From nobody Mon May 20 01:26:33 2024 Delivered-To: importer@patchew.org Received-SPF: pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) client-ip=216.205.24.124; envelope-from=libvir-list-bounces@redhat.com; helo=us-smtp-delivery-124.mimecast.com; Authentication-Results: mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass(p=none dis=none) header.from=redhat.com ARC-Seal: i=1; a=rsa-sha256; t=1612186806; cv=none; d=zohomail.com; s=zohoarc; b=dAdRW9KctNyL467m4f6a8gbmYDYI0n1j+JK+KPcTkzHoChHf1H4JtlpX8t3q9NQrAnTCVY/3DUb/Vxbh712T8DPDTm0/VssOMaqe7Jv6bcLAyMWxZAeooc/gPY1hqrGh56zBkeYvt2zdHzTkk2LgSOXCbcDH90MXJQdY75/Awkk= ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com; s=zohoarc; t=1612186806; h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:List-Subscribe:List-Post:List-Id:List-Archive:List-Help:List-Unsubscribe:MIME-Version:Message-ID:References:Sender:Subject:To; bh=l/5mUwetgLrukzdOv4BVoL5OhFQpy54lMLLqj/khrSM=; b=DW6dXn+taP9G1j82jBntZNi+Iykt3xxPAR8b+JDCE+3j848cXxWBVJvFaxUrMmmxHpj8LbIjY0QeG8AFBwqbf3Sz7v1aO9nV9FNPbdC2ofF2WUlu9ATHaMDpjb4nF5ynJNuPzDsGnPF9j5BPqTN/cSuyx0do5qqH3sdmc6dY4UQ= ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass; spf=pass (zohomail.com: domain of redhat.com designates 216.205.24.124 as permitted sender) smtp.mailfrom=libvir-list-bounces@redhat.com; dmarc=pass header.from= (p=none dis=none) header.from= Return-Path: Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [216.205.24.124]) by mx.zohomail.com with SMTPS id 1612186806754384.12216354490977; Mon, 1 Feb 2021 05:40:06 -0800 (PST) Received: from mimecast-mx01.redhat.com (mimecast-mx01.redhat.com [209.132.183.4]) (Using TLS) by relay.mimecast.com with ESMTP id us-mta-495-nq4euok2NIykfDVoEhj7yw-1; Mon, 01 Feb 2021 08:39:43 -0500 Received: from smtp.corp.redhat.com (int-mx03.intmail.prod.int.phx2.redhat.com [10.5.11.13]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by mimecast-mx01.redhat.com (Postfix) with ESMTPS id 2E9391005D57; Mon, 1 Feb 2021 13:39:37 +0000 (UTC) Received: from colo-mx.corp.redhat.com (colo-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.21]) by smtp.corp.redhat.com (Postfix) with ESMTPS id 0B4BD50DE6; Mon, 1 Feb 2021 13:39:37 +0000 (UTC) Received: from lists01.pubmisc.prod.ext.phx2.redhat.com (lists01.pubmisc.prod.ext.phx2.redhat.com [10.5.19.33]) by colo-mx.corp.redhat.com (Postfix) with ESMTP id C921F5003F; Mon, 1 Feb 2021 13:39:36 +0000 (UTC) Received: from smtp.corp.redhat.com (int-mx02.intmail.prod.int.phx2.redhat.com [10.5.11.12]) by lists01.pubmisc.prod.ext.phx2.redhat.com (8.13.8/8.13.8) with ESMTP id 111DdYTA023614 for ; Mon, 1 Feb 2021 08:39:34 -0500 Received: by smtp.corp.redhat.com (Postfix) id 07F3360C68; Mon, 1 Feb 2021 13:39:34 +0000 (UTC) Received: from speedmetal.lan (unknown [10.40.208.53]) by smtp.corp.redhat.com (Postfix) with ESMTP id 5E9F160C66 for ; Mon, 1 Feb 2021 13:39:33 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1612186805; h=from:from:sender:sender:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references:list-id:list-help: list-unsubscribe:list-subscribe:list-post; bh=l/5mUwetgLrukzdOv4BVoL5OhFQpy54lMLLqj/khrSM=; b=HeRHFaOozi3cKMGuYYRP7LwB4KPuza0EqnH6J6GOPYnmOIsit9Bg6p9DHIRz9wcKgneOLg Xn98NdAPWWa10Oe+6f36b13iVEN2GZ1DL1oIHynb9ZRPvHUeqtpyKUDOuQLtgmNoyttfwr kuuYUze/Lp/1TbgYzqR3vFxdORtDAdU= X-MC-Unique: nq4euok2NIykfDVoEhj7yw-1 From: Peter Krempa To: libvir-list@redhat.com Subject: [PATCH 14/14] util: viralloc: Remove VIR_DISPOSE(_N) Date: Mon, 1 Feb 2021 14:39:06 +0100 Message-Id: <669c7f418388f950ff925617cb25fd63d20bf9d5.1612186636.git.pkrempa@redhat.com> In-Reply-To: References: MIME-Version: 1.0 X-Scanned-By: MIMEDefang 2.79 on 10.5.11.12 X-loop: libvir-list@redhat.com X-BeenThere: libvir-list@redhat.com X-Mailman-Version: 2.1.12 Precedence: junk List-Id: Development discussions about the libvirt library & tools List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: libvir-list-bounces@redhat.com Errors-To: libvir-list-bounces@redhat.com X-Scanned-By: MIMEDefang 2.79 on 10.5.11.13 Authentication-Results: relay.mimecast.com; auth=pass smtp.auth=CUSA124A263 smtp.mailfrom=libvir-list-bounces@redhat.com X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Content-Transfer-Encoding: quoted-printable X-ZohoMail-DKIM: pass (identity @redhat.com) Content-Type: text/plain; charset="utf-8" The macros are unused now and callers who care about clearing the memory they use should use memset() appropriately. Signed-off-by: Peter Krempa --- src/libvirt_private.syms | 1 - src/util/viralloc.c | 39 ++------------------------------------- src/util/viralloc.h | 27 --------------------------- 3 files changed, 2 insertions(+), 65 deletions(-) diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms index 8138780237..45e89eba3c 100644 --- a/src/libvirt_private.syms +++ b/src/libvirt_private.syms @@ -1726,7 +1726,6 @@ vir_g_strdup_vprintf; # util/viralloc.h virAllocVar; virDeleteElementsN; -virDispose; virDisposeString; virExpandN; virInsertElementsN; diff --git a/src/util/viralloc.c b/src/util/viralloc.c index 0360b8a8aa..036007cb53 100644 --- a/src/util/viralloc.c +++ b/src/util/viralloc.c @@ -295,42 +295,6 @@ int virAllocVar(void *ptrptr, } -/** - * virDispose: - * @ptrptr: pointer to pointer for address of memory to be sanitized and f= reed - * @count: count of elements in the array to dispose - * @element_size: size of one element - * @countptr: pointer to the count variable to clear (may be NULL) - * - * Clear and release the chunk of memory in the pointer pointed to by 'prt= ptr'. - * - * If @countptr is provided, it's value is used instead of @count and it's= set - * to 0 after clearing and freeing the memory. - * - * After release, 'ptrptr' will be updated to point to NULL. - */ -void virDispose(void *ptrptr, - size_t count, - size_t element_size, - size_t *countptr) -{ - int save_errno =3D errno; - - if (countptr) - count =3D *countptr; - - if (*(void**)ptrptr && count > 0) - memset(*(void **)ptrptr, 0, count * element_size); - - g_free(*(void**)ptrptr); - *(void**)ptrptr =3D NULL; - - if (countptr) - *countptr =3D 0; - errno =3D save_errno; -} - - /** * virDisposeString: * @ptrptr: pointer to pointer for a string which should be sanitized and = cleared @@ -343,5 +307,6 @@ virDisposeString(char **strptr) if (!*strptr) return; - virDispose(strptr, strlen(*strptr), sizeof(char), NULL); + memset(*strptr, 0, strlen(*strptr)); + g_clear_pointer(strptr, g_free); } diff --git a/src/util/viralloc.h b/src/util/viralloc.h index 1abd94fac4..0173107b87 100644 --- a/src/util/viralloc.h +++ b/src/util/viralloc.h @@ -52,8 +52,6 @@ int virDeleteElementsN(void *ptrptr, size_t size, size_t = at, size_t *countptr, int virAllocVar(void *ptrptr, size_t struct_size, size_t element_size, siz= e_t count) G_GNUC_WARN_UNUSED_RESULT ATTRIBUTE_NONNULL(1); -void virDispose(void *ptrptr, size_t count, size_t element_size, size_t *c= ountptr) - ATTRIBUTE_NONNULL(1); void virDisposeString(char **strptr) ATTRIBUTE_NONNULL(1); @@ -342,20 +340,6 @@ void virDisposeString(char **strptr) #define VIR_FREE(ptr) g_clear_pointer(&(ptr), g_free) -/** - * VIR_DISPOSE_N: - * @ptr: pointer holding address to be cleared and freed - * @count: count of elements in @ptr - * - * Clear the memory of the array of elements pointed to by 'ptr' of 'count' - * elements and free it. Update the pointer/count to NULL/0. - * - * This macro is safe to use on arguments with side effects. - */ -#define VIR_DISPOSE_N(ptr, count) virDispose(1 ? (void *) &(ptr) : (ptr), = 0, \ - sizeof(*(ptr)), &(count)) - - /** * VIR_DISPOSE_STRING: * @ptr: pointer to a string to be cleared and freed @@ -375,14 +359,3 @@ void virDisposeString(char **strptr) */ #define VIR_AUTODISPOSE_STR \ __attribute__((cleanup(virDisposeString))) char * - -/** - * VIR_DISPOSE: - * @ptr: pointer to memory to be cleared and freed - * - * Clears and frees the corresponding memory. - * - * This macro is safe to be used on arguments with side effects. - */ -#define VIR_DISPOSE(ptr) virDispose(1 ? (void *) &(ptr) : (ptr), 1, \ - sizeof(*(ptr)), NULL) --=20 2.29.2