[PATCH v2 13/27] virStorageBackendRBDOpenRADOSConn: Use virSecureErase instead of VIR_DISPOSE_N

Peter Krempa posted 27 patches 5 years ago
[PATCH v2 13/27] virStorageBackendRBDOpenRADOSConn: Use virSecureErase instead of VIR_DISPOSE_N
Posted by Peter Krempa 5 years ago
Switch the secret value to 'g_autofree' for handling of the memory and
clear it out using virSecureErase.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
---
 src/storage/storage_backend_rbd.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/storage/storage_backend_rbd.c b/src/storage/storage_backend_rbd.c
index 22f5c78591..1f83205dfa 100644
--- a/src/storage/storage_backend_rbd.c
+++ b/src/storage/storage_backend_rbd.c
@@ -35,6 +35,7 @@
 #include "rbd/librbd.h"
 #include "virsecret.h"
 #include "storage_util.h"
+#include "virsecureerase.h"

 #define VIR_FROM_THIS VIR_FROM_STORAGE

@@ -185,7 +186,7 @@ virStorageBackendRBDOpenRADOSConn(virStorageBackendRBDStatePtr ptr,
     int ret = -1;
     virStoragePoolSourcePtr source = &def->source;
     virStorageAuthDefPtr authdef = source->auth;
-    unsigned char *secret_value = NULL;
+    g_autofree unsigned char *secret_value = NULL;
     size_t secret_value_size = 0;
     VIR_AUTODISPOSE_STR rados_key = NULL;
     g_auto(virBuffer) mon_host = VIR_BUFFER_INITIALIZER;
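Review bot: 'g_autofree' on secret_value only frees the buffer at scope exit and does not clear it, so from this declaration on the wipe depends entirely on an explicit virSecureErase() call being reached. rados_key, two lines below, still uses VIR_AUTODISPOSE_STR, so the two secret-bearing variables in this function now follow different cleanup conventions. A one-line comment at the declaration saying where secret_value is erased would help the next reader.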
@@ -215,6 +216,7 @@ virStorageBackendRBDOpenRADOSConn(virStorageBackendRBDStatePtr ptr,
             goto cleanup;

         rados_key = g_base64_encode(secret_value, secret_value_size);
+        virSecureErase(secret_value, secret_value_size);

         if (virStorageBackendRBDRADOSConfSet(ptr->cluster,
                                              "key", rados_key) < 0)
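Review bot: the base64 copy in rados_key carries the same secret as secret_value, yet only secret_value is erased here; rados_key is declared at function scope, so it stays live after the virStorageBackendRBDRADOSConfSet() call until the function returns. Consider clearing rados_key as soon as the 'key' option has been set so that both copies have an equally short lifetime.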
@@ -325,8 +327,6 @@ virStorageBackendRBDOpenRADOSConn(virStorageBackendRBDStatePtr ptr,
     ret = 0;

  cleanup:
-    VIR_DISPOSE_N(secret_value, secret_value_size);
-
     virObjectUnref(conn);
     return ret;
 }
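Review bot: with VIR_DISPOSE_N() gone from the cleanup label, any path that jumps to cleanup before the new virSecureErase() call, such as the 'goto cleanup' immediately above g_base64_encode() in the previous hunk, now frees secret_value without wiping it. Please confirm that secret_value cannot be populated on those paths, or erase it before the jump. The commit message could also state that the erase now happens at the point of last use rather than at function exit.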
-- 
2.29.2

Re: [PATCH v2 13/27] virStorageBackendRBDOpenRADOSConn: Use virSecureErase instead of VIR_DISPOSE_N
Posted by Daniel P. Berrangé 5 years ago
On Tue, Feb 02, 2021 at 05:55:50PM +0100, Peter Krempa wrote:
> Switch the secret value to 'g_autofree' for handling of the memory and
> clear it out using virSecureErase.
> 
> Signed-off-by: Peter Krempa <pkrempa@redhat.com>
> ---
>  src/storage/storage_backend_rbd.c | 6 +++---
>  1 file changed, 3 insertions(+), 3 deletions(-)

Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>


Regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|