disk/cryptodisk: Wipe the passphrase from memory

author Maxim Suhanov <dfirblog@gmail.com>

Tue, 4 Mar 2025 12:27:59 +0000 (15:27 +0300)

committer Daniel Kiper <daniel.kiper@oracle.com>

Tue, 6 May 2025 15:14:03 +0000 (17:14 +0200)
author Maxim Suhanov <dfirblog@gmail.com>
Tue, 4 Mar 2025 12:27:59 +0000 (15:27 +0300)
committer Daniel Kiper <daniel.kiper@oracle.com>
Tue, 6 May 2025 15:14:03 +0000 (17:14 +0200)
diff --git a/grub-core/disk/cryptodisk.c b/grub-core/disk/cryptodisk.c

index 544a30d61517ce1d3076a9aa35b40747a8b696e4..7065bcdcb54751c37c22747424be4cad5bc5901c 100644 (file)
--- a/grub-core/disk/cryptodisk.c
+++ b/grub-core/disk/cryptodisk.c
@@ -1302,6 +1302,7 @@ grub_cryptodisk_scan_device_real (const char *name,
  
    if (askpass)
      {
+      grub_memset (cargs->key_data, 0, cargs->key_len);
        cargs->key_len = 0;
        grub_free (cargs->key_data);
      }
author	Maxim Suhanov <dfirblog@gmail.com>
	Tue, 4 Mar 2025 12:27:59 +0000 (15:27 +0300)
committer	Daniel Kiper <daniel.kiper@oracle.com>
	Tue, 6 May 2025 15:14:03 +0000 (17:14 +0200)