s4:kdc: Erase key data

If we’re going to zero the keys before freeing them, we might as well do
it properly.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

diff --git a/source4/kdc/sdb_to_kdb.c b/source4/kdc/sdb_to_kdb.c
index 466e53921cdab878d489264de573e14d981cce67..7214cbc317e1ba599eb5c938a107eef191987439 100644 (file)
--- a/source4/kdc/sdb_to_kdb.c
+++ b/source4/kdc/sdb_to_kdb.c
@@ -222,7 +222,7 @@ static void free_krb5_db_entry(krb5_context context,
                        for (j = 0; j < k->key_data[i].key_data_ver; j++) {
                                if (k->key_data[i].key_data_length[j] != 0) {
                                        if (k->key_data[i].key_data_contents[j] != NULL) {
-                                               memset(k->key_data[i].key_data_contents[j], 0, k->key_data[i].key_data_length[j]);
+                                               BURN_PTR_SIZE(k->key_data[i].key_data_contents[j], k->key_data[i].key_data_length[j]);
                                                free(k->key_data[i].key_data_contents[j]);
                                        }
                                }