From d812e28af637144d078005887cb7519d7a2d0c58 Mon Sep 17 00:00:00 2001
From: NIIBE Yutaka <gniibe@fsij.org>
Date: Wed, 25 May 2022 15:34:38 +0900
Subject: server: Wipe out the memory used by assuan_inquire if CONFIDENTIAL.

* src/assuan-inquire.c (assuan_inquire): Wipe the memory and
inbound buffer.

--

GnuPG-bug-id: 5977
Signed-off-by: NIIBE Yutaka <gniibe@fsij.org>
---
 src/assuan-inquire.c | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/src/assuan-inquire.c b/src/assuan-inquire.c
index fa227a6..9599a77 100644
--- a/src/assuan-inquire.c
+++ b/src/assuan-inquire.c
@@ -254,7 +254,13 @@ assuan_inquire (assuan_context_t ctx, const char *keyword,
 
  out:
   if (!nodataexpected)
-    free_membuf (ctx, &mb);
+    {
+      if (ctx->flags.confidential)
+        wipememory (mb.buf, mb.len);
+      free_membuf (ctx, &mb);
+    }
+  if (ctx->flags.confidential)
+    wipememory (ctx->inbound.line, LINELENGTH);
   ctx->in_inquire = 0;
   return rc;
 }
-- 
cgit v1.2.1