credentials: Try harder to zero out existing data

Signed-off-by: Remi Gacogne <remi.gacogne@powerdns.com>

diff --git a/pdns/credentials.cc b/pdns/credentials.cc
index c275a78a2d2781280cddc73fd34d5e524f573377..ead727614e3b88dd996eeebb35487663dce71de1 100644 (file)
--- a/pdns/credentials.cc
+++ b/pdns/credentials.cc
@@ -59,6 +59,10 @@ static size_t const pwhash_prefix_size = pwhash_prefix.size();
 SensitiveData::SensitiveData(std::string&& data) :
   d_data(std::move(data))
 {
+#ifdef HAVE_LIBSODIUM
+  // let's be nice and try to zero out the SSO buffer
+  sodium_memzero(data.data(), data.capacity());
+#endif
   data.clear();
 #ifdef HAVE_LIBSODIUM
   sodium_mlock(d_data.data(), d_data.size());
@@ -88,6 +92,9 @@ SensitiveData::~SensitiveData()
 void SensitiveData::clear()
 {
 #ifdef HAVE_LIBSODIUM
+  // let's be nice and try to zero out the SSO buffer (be careful, sodium_munlock will zero out the current size
+  // which might be zero if the object was moved)
+  sodium_memzero(d_data.data(), d_data.capacity());
   sodium_munlock(d_data.data(), d_data.size());
 #endif
   d_data.clear();