From da2c723266c38e241e35c7cbf28e480d19cb40f6 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Pavel=20Filipensk=C3=BD?= Date: Sat, 20 Aug 2022 09:34:30 +0200 Subject: [PATCH] s3:passdb: Zero secrets_domain_info1_password created via secrets_fetch() MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Zero out these members of struct secrets_domain_info1_password: DATA_BLOB cleartext_blob; struct samr_Password nt_hash; struct secrets_domain_info1_kerberos_key *keys; Signed-off-by: Pavel Filipenský Reviewed-by: Andreas Schneider --- source3/passdb/machine_account_secrets.c | 29 ++++++++++++++++++++++++ 1 file changed, 29 insertions(+) diff --git a/source3/passdb/machine_account_secrets.c b/source3/passdb/machine_account_secrets.c index a9b1fe82a01..1cf34bbf5c9 100644 --- a/source3/passdb/machine_account_secrets.c +++ b/source3/passdb/machine_account_secrets.c @@ -685,6 +685,28 @@ char *secrets_fetch_machine_password(const char *domain, return ret; } +static int password_nt_hash_destructor(struct secrets_domain_info1_password *pw) +{ + ZERO_STRUCT(pw->nt_hash); + + return 0; +} + +static int setup_password_zeroing(struct secrets_domain_info1_password *pw) +{ + if (pw != NULL) { + size_t i; + + talloc_keep_secret(pw->cleartext_blob.data); + talloc_set_destructor(pw, password_nt_hash_destructor); + for (i = 0; i < pw->num_keys; i++) { + talloc_keep_secret(pw->keys[i].value.data); + } + } + + return 0; +} + static char *domain_info_keystr(const char *domain) { char *keystr; @@ -726,6 +748,13 @@ static NTSTATUS secrets_fetch_domain_info1_by_key(const char *key, return NT_STATUS_INTERNAL_DB_CORRUPTION; } + if (sdib.info.info1->next_change != NULL) { + setup_password_zeroing(sdib.info.info1->next_change->password); + } + setup_password_zeroing(sdib.info.info1->password); + setup_password_zeroing(sdib.info.info1->old_password); + setup_password_zeroing(sdib.info.info1->older_password); + if (sdib.version != SECRETS_DOMAIN_INFO_VERSION_1) { DBG_ERR("sdib.version = %u\n", (unsigned)sdib.version); return NT_STATUS_INTERNAL_DB_CORRUPTION; -- 2.47.3