[PATCH v2 14/27] virCryptoEncryptDataAESgnutls: Use virSecureErase instead of VIR_DISPOSE_N

Peter Krempa posted 27 patches 5 years ago
Posted by Peter Krempa 5 years ago
Clear out the value using virSecureErase and free it with g_free so
that VIR_DISPOSE_N can be phased out.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
---
 src/util/vircrypto.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/util/vircrypto.c b/src/util/vircrypto.c
index c4874550af..d2a42d83e2 100644
--- a/src/util/vircrypto.c
+++ b/src/util/vircrypto.c
@@ -25,6 +25,7 @@
 #include "virerror.h"
 #include "viralloc.h"
 #include "virrandom.h"
+#include "virsecureerase.h"

 #include <gnutls/gnutls.h>
 #include <gnutls/crypto.h>
@@ -206,7 +207,8 @@ virCryptoEncryptDataAESgnutls(gnutls_cipher_algorithm_t gnutls_enc_alg,
     return 0;

  error:
-    VIR_DISPOSE_N(ciphertext, ciphertextlen);
+    virSecureErase(ciphertext, ciphertextlen);
+    g_free(ciphertext);
     memset(&enc_key, 0, sizeof(gnutls_datum_t));
     memset(&iv_buf, 0, sizeof(gnutls_datum_t));
     return -1;
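
Review bot: At the error: label, virSecureErase(ciphertext, ciphertextlen) now runs unconditionally, so if any jump to error can happen before ciphertext is allocated the call receives a NULL pointer. Please confirm virSecureErase accepts NULL (g_free does), or guard the call. The new pair also leaves ciphertext pointing at freed memory and ciphertextlen unchanged. That is harmless here because return -1 follows directly, but g_clear_pointer(&ciphertext, g_free) would keep the label safe if cleanup code is added after it later.
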
-- 
2.29.2

Re: [PATCH v2 14/27] virCryptoEncryptDataAESgnutls: Use virSecureErase instead of VIR_DISPOSE_N
Posted by Daniel P. Berrangé 5 years ago
On Tue, Feb 02, 2021 at 05:55:51PM +0100, Peter Krempa wrote:
> Clear out the value using virSecureErase and free it with g_free so
> that VIR_DISPOSE_N can be phased out.
> 
> Signed-off-by: Peter Krempa <pkrempa@redhat.com>
> ---
>  src/util/vircrypto.c | 4 +++-
>  1 file changed, 3 insertions(+), 1 deletion(-)

Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>


Regards,
Daniel
-- 
|: https://berrange.com      -o-    https://www.flickr.com/photos/dberrange :|
|: https://libvirt.org         -o-            https://fstop138.berrange.com :|
|: https://entangle-photo.org    -o-    https://www.instagram.com/dberrange :|