util: string: Introduce virStringEncodeBase64

Add a new helper that sanitizes error semantics of base64_encode_alloc.

7 files changed, 40 insertions, 31 deletions

diff --git a/src/conf/virsecretobj.c b/src/conf/virsecretobj.c
index 721e0b4c9f..4babd31549 100644
--- a/src/conf/virsecretobj.c
+++ b/src/conf/virsecretobj.c
@@ -30,6 +30,7 @@
 #include "virfile.h"
 #include "virhash.h"
 #include "virlog.h"
+#include "virstring.h"
 #include "base64.h"
 
 #define VIR_FROM_THIS VIR_FROM_SECRET
@@ -730,12 +731,8 @@ virSecretObjSaveData(virSecretObjPtr secret)
     if (!secret->value)
         return 0;
 
-    base64_encode_alloc((const char *)secret->value, secret->value_size,
-                        &base64);
-    if (base64 == NULL) {
-        virReportOOMError();
+    if (!(base64 = virStringEncodeBase64(secret->value, secret->value_size)))
         goto cleanup;
-    }
 
     if (virFileRewrite(secret->base64File, S_IRUSR | S_IWUSR,
                        virSecretRewriteFile, base64) < 0)
diff --git a/src/libvirt_private.syms b/src/libvirt_private.syms
index 87d758129d..14a9b08f2d 100644
--- a/src/libvirt_private.syms
+++ b/src/libvirt_private.syms
@@ -2303,6 +2303,7 @@ virSkipSpacesBackwards;
 virStrcpy;
 virStrdup;
 virStringArrayHasString;
+virStringEncodeBase64;
 virStringFreeList;
 virStringFreeListCount;
 virStringGetFirstWithPrefix;
diff --git a/src/qemu/qemu_agent.c b/src/qemu/qemu_agent.c
index c55f304d5a..cbc0995134 100644
--- a/src/qemu/qemu_agent.c
+++ b/src/qemu/qemu_agent.c
@@ -2142,11 +2142,9 @@ qemuAgentSetUserPassword(qemuAgentPtr mon,
     virJSONValuePtr reply = NULL;
     char *password64 = NULL;
 
-    base64_encode_alloc(password, strlen(password), &password64);
-    if (!password64) {
-        virReportOOMError();
+    if (!(password64 = virStringEncodeBase64((unsigned char *) password,
+                                             strlen(password))))
         goto cleanup;
-    }
 
     if (!(cmd = qemuAgentMakeCommand("guest-set-user-password",
                                      "b:crypted", crypted,
diff --git a/src/storage/storage_backend_rbd.c b/src/storage/storage_backend_rbd.c
index 6e92ff7e85..ac46b9dc8a 100644
--- a/src/storage/storage_backend_rbd.c
+++ b/src/storage/storage_backend_rbd.c
@@ -59,7 +59,7 @@ virStorageBackendRBDOpenRADOSConn(virStorageBackendRBDStatePtr ptr,
     int r = 0;
     virStorageAuthDefPtr authdef = source->auth;
     unsigned char *secret_value = NULL;
-    size_t secret_value_size;
+    size_t secret_value_size = 0;
     char *rados_key = NULL;
     virBuffer mon_host = VIR_BUFFER_INITIALIZER;
     virSecretPtr secret = NULL;
@@ -129,15 +129,8 @@ virStorageBackendRBDOpenRADOSConn(virStorageBackendRBDStatePtr ptr,
             goto cleanup;
         }
 
-        base64_encode_alloc((char *)secret_value,
-                            secret_value_size, &rados_key);
-        memset(secret_value, 0, secret_value_size);
-
-        if (rados_key == NULL) {
-            virReportError(VIR_ERR_INTERNAL_ERROR, "%s",
-                           _("failed to decode the RADOS key"));
+        if (!(rados_key = virStringEncodeBase64(secret_value, secret_value_size)))
             goto cleanup;
-        }
 
         VIR_DEBUG("Found cephx key: %s", rados_key);
         if (rados_conf_set(ptr->cluster, "key", rados_key) < 0) {
@@ -147,8 +140,6 @@ virStorageBackendRBDOpenRADOSConn(virStorageBackendRBDStatePtr ptr,
             goto cleanup;
         }
 
-        memset(rados_key, 0, strlen(rados_key));
-
         if (rados_conf_set(ptr->cluster, "auth_supported", "cephx") < 0) {
             virReportError(VIR_ERR_INTERNAL_ERROR,
                            _("failed to set RADOS option: %s"),
@@ -233,8 +224,8 @@ virStorageBackendRBDOpenRADOSConn(virStorageBackendRBDStatePtr ptr,
     ret = 0;
 
  cleanup:
-    VIR_FREE(secret_value);
-    VIR_FREE(rados_key);
+    VIR_DISPOSE_N(secret_value, secret_value_size);
+    VIR_DISPOSE_STRING(rados_key);
 
     virObjectUnref(secret);
 
diff --git a/src/util/virstring.c b/src/util/virstring.c
index 735e65ba1e..2702cecf20 100644
--- a/src/util/virstring.c
+++ b/src/util/virstring.c
@@ -25,6 +25,7 @@
 #include <stdio.h>
 #include <regex.h>
 
+#include "base64.h"
 #include "c-ctype.h"
 #include "virstring.h"
 #include "viralloc.h"
@@ -1066,3 +1067,26 @@ virStringIsPrintable(const char *str)
 
     return true;
 }
+
+
+/**
+ * virStringEncodeBase64:
+ * @buf: buffer of bytes to encode
+ * @buflen: number of bytes to encode
+ *
+ * Encodes @buf to base 64 and returns the resulting string. The caller is
+ * responsible for freeing the result.
+ */
+char *
+virStringEncodeBase64(const uint8_t *buf, size_t buflen)
+{
+    char *ret;
+
+    base64_encode_alloc((const char *) buf, buflen, &ret);
+    if (!ret) {
+        virReportOOMError();
+        return NULL;
+    }
+
+    return ret;
+}
diff --git a/src/util/virstring.h b/src/util/virstring.h
index fd2868a50f..6bc2726a17 100644
--- a/src/util/virstring.h
+++ b/src/util/virstring.h
@@ -277,4 +277,6 @@ void virStringStripControlChars(char *str);
 
 bool virStringIsPrintable(const char *str);
 
+char *virStringEncodeBase64(const uint8_t *buf, size_t buflen);
+
 #endif /* __VIR_STRING_H__ */
diff --git a/tools/virsh-secret.c b/tools/virsh-secret.c
index 087c2ed23a..8588f4cc2a 100644
--- a/tools/virsh-secret.c
+++ b/tools/virsh-secret.c
@@ -32,6 +32,7 @@
 #include "viralloc.h"
 #include "virfile.h"
 #include "virutil.h"
+#include "virstring.h"
 #include "conf/secret_conf.h"
 
 static virSecretPtr
@@ -265,20 +266,15 @@ cmdSecretGetValue(vshControl *ctl, const vshCmd *cmd)
     if (value == NULL)
         goto cleanup;
 
-    base64_encode_alloc((char *)value, value_size, &base64);
-    memset(value, 0, value_size);
-    VIR_FREE(value);
-
-    if (base64 == NULL) {
-        vshError(ctl, "%s", _("Failed to allocate memory"));
+    if (!(base64 = virStringEncodeBase64(value, value_size)))
         goto cleanup;
-    }
+
     vshPrint(ctl, "%s", base64);
-    memset(base64, 0, strlen(base64));
-    VIR_FREE(base64);
     ret = true;
 
  cleanup:
+    VIR_DISPOSE_N(value, value_size);
+    VIR_DISPOSE_STRING(base64);
     virSecretFree(secret);
     return ret;
 }