return 0;
}
-void free_pass(char **p)
+void clear_mem(void *p, size_t s)
{
- if (!*p)
- return;
-
#if defined(HAVE_MEMSET_S)
- memset_s(*p, 0x5a, strlen(*p));
+ memset_s(p, 0x5a, s);
#elif defined(HAVE_EXPLICIT_MEMSET)
- explicit_memset(*p, 0x5a, strlen(*p));
+ explicit_memset(p, 0x5a, s);
#elif defined(HAVE_EXPLICIT_BZERO)
- explicit_bzero(*p, strlen(*p));
+ explicit_bzero(p, s);
#elif defined(_WIN32)
- SecureZeroMemory(*p, strlen(*p));
+ SecureZeroMemory(p, s);
#else
- {
- volatile char *pp = (volatile char *)*p;
- while (*pp)
- *(pp++) = 0x5a;
- }
+ volatile char *pp = (volatile char *)p;
+ while (s--)
+ *(pp++) = 0x5a;
#endif
+}
+
+void free_pass(char **p)
+{
+ if (!*p)
+ return;
+
+ clear_mem(*p, strlen(*p));
free(*p);
*p = NULL;
}
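Review bot: In the `HAVE_MEMSET_S` branch of clear_mem, `memset_s(p, 0x5a, s);` passes three arguments, but the C11 Annex K function takes four (destination, destination size, fill byte, count). The call is carried over unchanged from the old free_pass. Unless the configure probe behind `HAVE_MEMSET_S` targets a different prototype, this branch should read `memset_s(p, s, 0x5a, s);`. Otherwise a platform that selects it will either fail to build or wipe with the wrong byte and length.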
/* submit prelogin request to get form */
orig_path = vpninfo->urlpath;
- asprintf(&vpninfo->urlpath, "%s/prelogin.esp?tmp=tmp&clientVer=4100&clientos=%s",
- portal ? "global-protect" : "ssl-vpn", clientos);
+ if (asprintf(&vpninfo->urlpath, "%s/prelogin.esp?tmp=tmp&clientVer=4100&clientos=%s",
+ portal ? "global-protect" : "ssl-vpn", clientos)) {
+ result = -ENOMEM;
+ goto out;
+ }
result = do_https_request(vpninfo, "POST", NULL, NULL, &xml_buf, 0);
free(vpninfo->urlpath);
vpninfo->urlpath = orig_path;
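Review bot: The new check `if (asprintf(...)) {` treats any non-zero return as an error, but asprintf returns the number of bytes written on success and -1 on failure. A successful allocation therefore jumps to `out` with `-ENOMEM`, and the prelogin request is never sent. The closing line of the condition should be `portal ? "global-protect" : "ssl-vpn", clientos) < 0) {`. On a real failure the contents of `vpninfo->urlpath` are not guaranteed and `orig_path` is not restored, so add `vpninfo->urlpath = orig_path;` before `goto out;` unless the code at `out` already does this. The `out` label and the rest of the enclosing function are outside the hunk.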
void release_tpm2_ctx(struct openconnect_info *vpninfo)
{
- if (vpninfo->tpm2)
+ if (vpninfo->tpm2) {
+ clear_mem(vpninfo->tpm2->ownerauth.buffer, sizeof(vpninfo->tpm2->ownerauth.buffer));
+ clear_mem(vpninfo->tpm2->userauth.buffer, sizeof(vpninfo->tpm2->userauth.buffer));
free(vpninfo->tpm2);
+ }
vpninfo->tpm2 = NULL;
}
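Review bot: Both clear_mem calls in release_tpm2_ctx size the wipe with `sizeof(vpninfo->tpm2->ownerauth.buffer)` and `sizeof(vpninfo->tpm2->userauth.buffer)`. That is only correct if `buffer` is an array member. If either were a pointer, only pointer-size bytes would be overwritten, and the struct definition is not visible in this hunk. A short comment would record the assumption, for example `/* auth values are fixed-size arrays inside the context; wipe them before free */`. If the context holds other key material, `clear_mem(vpninfo->tpm2, sizeof(*vpninfo->tpm2));` before the `free` would cover it without depending on the member layout.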
int append_opt(struct oc_text_buf *body, const char *opt, const char *name);
int append_form_opts(struct openconnect_info *vpninfo,
struct oc_auth_form *form, struct oc_text_buf *body);
+void clear_mem(void *p, size_t s);
void free_pass(char **p);
void free_opt(struct oc_form_opt *opt);
void free_auth_form(struct oc_auth_form *form);
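Review bot: The new `clear_mem` prototype is exported from a shared header without a comment stating its contract. The implementation fills with 0x5a on some platforms and with zero on others (`explicit_bzero`, `SecureZeroMemory`), and it never checks `p`. I would add a comment above the declaration: `/* Overwrite s bytes at p so the compiler cannot elide it; the fill value is unspecified and p must point to at least s writable bytes */`. This tells callers not to rely on the buffer reading as zero or as an empty string afterwards.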