s3:afs: Zero memory for afs_keyfile

Signed-off-by: Pavel Filipenský <pfilipensky@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>

diff --git a/source3/passdb/secrets.c b/source3/passdb/secrets.c
index e88158fb69a59cae99149931b6c5f5c04e5061ec..c8390d5455e5ff02899430b078956969f6bc81a4 100644 (file)
--- a/source3/passdb/secrets.c
+++ b/source3/passdb/secrets.c
@@ -430,14 +430,14 @@ bool secrets_fetch_afs_key(const char *cell, struct afs_key *result)
                return False;
 
        if (size != sizeof(struct afs_keyfile)) {
-               SAFE_FREE(keyfile);
+               BURN_FREE(keyfile, sizeof(*keyfile));
                return False;
        }
 
        i = ntohl(keyfile->nkeys);
 
        if (i > SECRETS_AFS_MAXKEYS) {
-               SAFE_FREE(keyfile);
+               BURN_FREE(keyfile, sizeof(*keyfile));
                return False;
        }
 
@@ -445,7 +445,7 @@ bool secrets_fetch_afs_key(const char *cell, struct afs_key *result)
 
        result->kvno = ntohl(result->kvno);
 
-       SAFE_FREE(keyfile);
+       BURN_FREE(keyfile, sizeof(*keyfile));
 
        return True;
 }

diff --git a/source3/utils/net_afs.c b/source3/utils/net_afs.c
index 3668e3cbad87056279ca5ba1983bac3b50ae8a14..36d43109b80fcb8fca5ef3a507fd946bf5cc6492 100644 (file)
--- a/source3/utils/net_afs.c
+++ b/source3/utils/net_afs.c
@@ -65,9 +65,11 @@ int net_afs_key(struct net_context *c, int argc, const char **argv)
 
        if (!secrets_store_afs_keyfile(argv[1], &keyfile)) {
                d_fprintf(stderr, _("Could not write keyfile to secrets.tdb\n"));
+               ZERO_STRUCT(keyfile);
                return -1;
        }
 
+       ZERO_STRUCT(keyfile);
        return 0;
 }