diff options
| author | Antonio Cardace <acardace@redhat.com> | 2019-12-18 14:46:22 +0100 |
|---|---|---|
| committer | Antonio Cardace <acardace@redhat.com> | 2019-12-18 16:15:06 +0100 |
| commit | 730adf2afd8be6c3c44cc5a9b7ce64245bf8f1fc (patch) | |
| tree | 075933e0016ae9cf21db79d91209a88cb4cb14f8 | |
| parent | 725cc687106d6450bf6d6878e7d2936ddc56bca9 (diff) | |
| download | NetworkManager-730adf2afd8be6c3c44cc5a9b7ce64245bf8f1fc.tar.gz | |
clients,libnm-core: zero-out memory used to store plain-text secrets
| -rw-r--r-- | clients/cli/common.c | 3 | ||||
| -rw-r--r-- | clients/cli/devices.c | 3 | ||||
| -rw-r--r-- | libnm-core/nm-setting-wireless-security.c | 25 |
3 files changed, 17 insertions, 14 deletions
diff --git a/clients/cli/common.c b/clients/cli/common.c index 58879f6a51..452f04f624 100644 --- a/clients/cli/common.c +++ b/clients/cli/common.c @@ -17,6 +17,7 @@ #include "nm-vpn-helpers.h" #include "nm-client-utils.h" +#include "nm-glib-aux/nm-secret-utils.h" #include "utils.h" @@ -732,7 +733,7 @@ get_secrets_from_user (const NmcConfig *nmc_config, /* No password provided, cancel the secrets. */ if (!pwd) return FALSE; - g_free (secret->value); + nm_free_secret (secret->value); secret->value = pwd; } return TRUE; diff --git a/clients/cli/devices.c b/clients/cli/devices.c index 0a7339bc2c..a23113339c 100644 --- a/clients/cli/devices.c +++ b/clients/cli/devices.c @@ -18,6 +18,7 @@ #include "utils.h" #include "common.h" #include "connections.h" +#include "nm-glib-aux/nm-secret-utils.h" /* define some prompts */ #define PROMPT_INTERFACE _("Interface: ") @@ -3639,7 +3640,7 @@ finish: if (bssid2_arr) g_byte_array_free (bssid2_arr, TRUE); g_free (ssid_ask); - g_free (passwd_ask); + nm_free_secret (passwd_ask); return nmc->return_value; } diff --git a/libnm-core/nm-setting-wireless-security.c b/libnm-core/nm-setting-wireless-security.c index b0b96f9957..6032053bbb 100644 --- a/libnm-core/nm-setting-wireless-security.c +++ b/libnm-core/nm-setting-wireless-security.c @@ -13,6 +13,7 @@ #include "nm-utils-private.h" #include "nm-setting-private.h" #include "nm-setting-wireless.h" +#include "nm-glib-aux/nm-secret-utils.h" /** * SECTION:nm-setting-wireless-security @@ -1316,33 +1317,33 @@ set_property (GObject *object, guint prop_id, priv->leap_username = g_value_dup_string (value); break; case PROP_WEP_KEY0: - g_free (priv->wep_key0); + nm_free_secret (priv->wep_key0); priv->wep_key0 = g_value_dup_string (value); break; case PROP_WEP_KEY1: - g_free (priv->wep_key1); + nm_free_secret (priv->wep_key1); priv->wep_key1 = g_value_dup_string (value); break; case PROP_WEP_KEY2: - g_free (priv->wep_key2); + nm_free_secret (priv->wep_key2); priv->wep_key2 = g_value_dup_string (value); break; case PROP_WEP_KEY3: - g_free (priv->wep_key3); + nm_free_secret (priv->wep_key3); priv->wep_key3 = g_value_dup_string (value); break; case PROP_WEP_KEY_FLAGS: priv->wep_key_flags = g_value_get_flags (value); break; case PROP_PSK: - g_free (priv->psk); + nm_free_secret (priv->psk); priv->psk = g_value_dup_string (value); break; case PROP_PSK_FLAGS: priv->psk_flags = g_value_get_flags (value); break; case PROP_LEAP_PASSWORD: - g_free (priv->leap_password); + nm_free_secret (priv->leap_password); priv->leap_password = g_value_dup_string (value); break; case PROP_LEAP_PASSWORD_FLAGS: @@ -1392,12 +1393,12 @@ finalize (GObject *object) g_free (priv->key_mgmt); g_free (priv->auth_alg); g_free (priv->leap_username); - g_free (priv->wep_key0); - g_free (priv->wep_key1); - g_free (priv->wep_key2); - g_free (priv->wep_key3); - g_free (priv->psk); - g_free (priv->leap_password); + nm_free_secret (priv->wep_key0); + nm_free_secret (priv->wep_key1); + nm_free_secret (priv->wep_key2); + nm_free_secret (priv->wep_key3); + nm_free_secret (priv->psk); + nm_free_secret (priv->leap_password); g_slist_free_full (priv->proto, g_free); g_slist_free_full (priv->pairwise, g_free); |