lib:util: Check memset_s() error code in talloc_keep_secret_destructor()

Panic if memset_s() fails.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>

diff --git a/lib/util/talloc_keep_secret.c b/lib/util/talloc_keep_secret.c
index 70d449b5f126ad881d8d48fff7e0f53ee3b4675e..21048659e5df70a0d39f61669b10af4cb3646d53 100644 (file)
--- a/lib/util/talloc_keep_secret.c
+++ b/lib/util/talloc_keep_secret.c
@@ -22,13 +22,26 @@
 
 static int talloc_keep_secret_destructor(void *ptr)
 {
+       int ret;
        size_t size = talloc_get_size(ptr);
 
        if (unlikely(size == 0)) {
                return 0;
        }
 
-       memset_s(ptr, size, 0, size);
+       ret = memset_s(ptr, size, 0, size);
+       if (unlikely(ret != 0)) {
+               char *msg = NULL;
+               int ret2;
+               ret2 = asprintf(&msg,
+                               "talloc_keep_secret_destructor: memset_s() failed: %s",
+                               strerror(ret));
+               if (ret2 != -1) {
+                       smb_panic(msg);
+               } else {
+                       smb_panic("talloc_keep_secret_destructor: memset_s() failed");
+               }
+       }
 
        return 0;
 }