From: Peter Krempa <pkrempa@redhat.com>
Date: Mon, 1 Feb 2021 13:13:53 +0000 (+0100)
Subject: virCryptoEncryptDataAESgnutls: Use virSecureErase instead of VIR_DISPOSE_N
X-Git-Tag: v7.1.0-rc1~317
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=288d051494d8dbf5f6b24e503433284b5b6f2d53;p=thirdparty%2Flibvirt.git

virCryptoEncryptDataAESgnutls: Use virSecureErase instead of VIR_DISPOSE_N

Clear out the value using virSecureErase and free it with g_free so
that VIR_DISPOSE_N can be phased out.

Signed-off-by: Peter Krempa <pkrempa@redhat.com>
Reviewed-by: Daniel P. Berrangé <berrange@redhat.com>
---

diff --git a/src/util/vircrypto.c b/src/util/vircrypto.c
index c4874550af..d2a42d83e2 100644
--- a/src/util/vircrypto.c
+++ b/src/util/vircrypto.c
@@ -25,6 +25,7 @@
 #include "virerror.h"
 #include "viralloc.h"
 #include "virrandom.h"
+#include "virsecureerase.h"
 
 #include <gnutls/gnutls.h>
 #include <gnutls/crypto.h>
@@ -206,7 +207,8 @@ virCryptoEncryptDataAESgnutls(gnutls_cipher_algorithm_t gnutls_enc_alg,
     return 0;
 
  error:
-    VIR_DISPOSE_N(ciphertext, ciphertextlen);
+    virSecureErase(ciphertext, ciphertextlen);
+    g_free(ciphertext);
     memset(&enc_key, 0, sizeof(gnutls_datum_t));
     memset(&iv_buf, 0, sizeof(gnutls_datum_t));
     return -1;