From: Pavel Filipenský <pfilipensky@samba.org>
Date: Wed, 10 Aug 2022 07:07:07 +0000 (+0200)
Subject: s3:afs: Zero memory for afs_keyfile
X-Git-Tag: talloc-2.4.0~1305
X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=4b2df80e898c837707b6854a1a94fccf8d87f6b8;p=thirdparty%2Fsamba.git

s3:afs: Zero memory for afs_keyfile

Signed-off-by: Pavel Filipenský <pfilipensky@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
---

diff --git a/source3/passdb/secrets.c b/source3/passdb/secrets.c
index e88158fb69a..c8390d5455e 100644
--- a/source3/passdb/secrets.c
+++ b/source3/passdb/secrets.c
@@ -430,14 +430,14 @@ bool secrets_fetch_afs_key(const char *cell, struct afs_key *result)
 		return False;
 
 	if (size != sizeof(struct afs_keyfile)) {
-		SAFE_FREE(keyfile);
+		BURN_FREE(keyfile, sizeof(*keyfile));
 		return False;
 	}
 
 	i = ntohl(keyfile->nkeys);
 
 	if (i > SECRETS_AFS_MAXKEYS) {
-		SAFE_FREE(keyfile);
+		BURN_FREE(keyfile, sizeof(*keyfile));
 		return False;
 	}
 
@@ -445,7 +445,7 @@ bool secrets_fetch_afs_key(const char *cell, struct afs_key *result)
 
 	result->kvno = ntohl(result->kvno);
 
-	SAFE_FREE(keyfile);
+	BURN_FREE(keyfile, sizeof(*keyfile));
 
 	return True;
 }
diff --git a/source3/utils/net_afs.c b/source3/utils/net_afs.c
index 3668e3cbad8..36d43109b80 100644
--- a/source3/utils/net_afs.c
+++ b/source3/utils/net_afs.c
@@ -65,9 +65,11 @@ int net_afs_key(struct net_context *c, int argc, const char **argv)
 
 	if (!secrets_store_afs_keyfile(argv[1], &keyfile)) {
 		d_fprintf(stderr, _("Could not write keyfile to secrets.tdb\n"));
+		ZERO_STRUCT(keyfile);
 		return -1;
 	}
 
+	ZERO_STRUCT(keyfile);
 	return 0;
 }