Make credential clearing consistent

This makes all of the credential objects use the same pattern to
clear the contents and call git__memzero when done.  Much of this
information is probably not sensitive, but it also seems better
to just clear consistently.

1 files changed, 8 insertions, 12 deletions

diff --git a/src/transports/cred.c b/src/transports/cred.c
index 1d8527e39..d713f8992 100644
--- a/src/transports/cred.c
+++ b/src/transports/cred.c
@@ -12,16 +12,17 @@
 static void plaintext_free(struct git_cred *cred)
 {
 	git_cred_userpass_plaintext *c = (git_cred_userpass_plaintext *)cred;
-	size_t pass_len = strlen(c->password);
 
 	git__free(c->username);
 
 	/* Zero the memory which previously held the password */
-	git__memzero(c->password, pass_len);
-	git__free(c->password);
-
-	memset(c, 0, sizeof(*c));
+	if (c->password) {
+		size_t pass_len = strlen(c->password);
+		git__memzero(c->password, pass_len);
+		git__free(c->password);
+	}
 
+	git__memzero(c, sizeof(*c));
 	git__free(c);
 }
 
@@ -74,8 +75,7 @@ static void ssh_keyfile_passphrase_free(struct git_cred *cred)
 		git__free(c->passphrase);
 	}
 
-	memset(c, 0, sizeof(*c));
-
+	git__memzero(c, sizeof(*c));
 	git__free(c);
 }
 
@@ -85,11 +85,7 @@ static void ssh_publickey_free(struct git_cred *cred)
 
 	git__free(c->publickey);
 
-	c->sign_callback = NULL;
-	c->sign_data = NULL;
-
-	memset(c, 0, sizeof(*c));
-
+	git__memzero(c, sizeof(*c));
 	git__free(c);
 }