Print this page
9642 PKCS#11 softtoken should use explicit_bzero
Reviewed by: Dan McDonald <danmcd@joyent.com>
Reviewed by: Alex Wilson <alex.wilson@joyent.com>
@@ -18,10 +18,11 @@
*
* CDDL HEADER END
*/
/*
* Copyright (c) 2004, 2010, Oracle and/or its affiliates. All rights reserved.
+ * Copyright (c) 2018, Joyent, Inc.
*/
#include <stdlib.h>
#include <string.h>
@@ -594,11 +595,12 @@
free(object->clones);
free(object->tried_create_clone);
if (object->clone_template) {
for (i = 0; i < object->clone_template_size; i++) {
- free(((object->clone_template)[i]).pValue);
+ freezero((object->clone_template)[i].pValue,
+ (object->clone_template)[i].ulValueLen);
}
free(object->clone_template);
}
/* Cleanup remaining object fields. */
@@ -857,11 +859,12 @@
}
if (attrs_with_val) {
for (i = 0; i < num_attrs; i++) {
if (attrs_with_val[i].pValue != NULL) {
- free(attrs_with_val[i].pValue);
+ freezero(attrs_with_val[i].pValue,
+ attrs_with_val[i].ulValueLen);
}
}
free(attrs_with_val);
}
return (rv);
@@ -1489,11 +1492,11 @@
if (tmp_meta_session) {
(void) meta_session_dealloc(tmp_meta_session);
}
if (wrappedKey) {
- free(wrappedKey);
+ freezero(wrappedKey, wrappedKeyLen);
}
if (src_slot_session) {
meta_release_slot_session(src_slot_session);
}