pem: Clear chunks after decrypting files

author Tobias Brunner <tobias@strongswan.org>

Thu, 30 Sep 2021 10:03:42 +0000 (12:03 +0200)

committer Tobias Brunner <tobias@strongswan.org>

Mon, 4 Oct 2021 09:30:03 +0000 (11:30 +0200)
author Tobias Brunner <tobias@strongswan.org>
Thu, 30 Sep 2021 10:03:42 +0000 (12:03 +0200)
committer Tobias Brunner <tobias@strongswan.org>
Mon, 4 Oct 2021 09:30:03 +0000 (11:30 +0200)
diff --git a/src/libstrongswan/plugins/pem/pem_builder.c b/src/libstrongswan/plugins/pem/pem_builder.c

index 3b84eb7eaf5daae79745da7d27a982409d687027..9ca96a4d218e59736d022a99c18ee03ba3ea1a95 100644 (file)
--- a/src/libstrongswan/plugins/pem/pem_builder.c
+++ b/src/libstrongswan/plugins/pem/pem_builder.c
@@ -147,7 +147,7 @@ static status_t pem_decrypt(chunk_t *blob, encryption_algorithm_t alg,
         }
         crypter->destroy(crypter);
         memcpy(blob->ptr, decrypted.ptr, blob->len);
-       chunk_free(&decrypted);
+       chunk_clear(&decrypted);
  
         /* determine amount of padding */
         last_padding_pos = blob->ptr + blob->len - 1;
@@ -354,7 +354,7 @@ static status_t pem_to_bin(chunk_t *blob, bool *pgp)
                         memcpy(blob->ptr, chunk.ptr, chunk.len);
                         blob->len = chunk.len;
                 }
-               free(chunk.ptr);
+               chunk_clear(&chunk);
                 if (status != INVALID_ARG)
                 {       /* try again only if passphrase invalid */
                         break;
author	Tobias Brunner <tobias@strongswan.org>
	Thu, 30 Sep 2021 10:03:42 +0000 (12:03 +0200)
committer	Tobias Brunner <tobias@strongswan.org>
	Mon, 4 Oct 2021 09:30:03 +0000 (11:30 +0200)