From 0165ef119a90def13bb1b5be3f4bbf7c552ceb61 Mon Sep 17 00:00:00 2001
From: Alexey Tikhonov
Date: Nov 29 2019 10:22:28 +0000
Subject: tools/sss_seed: proper zeroization of sensitive data
Relates: https://pagure.io/SSSD/sssd/issue/3956
Reviewed-by: Sumit Bose
---
diff --git a/src/tools/sss_seed.c b/src/tools/sss_seed.c
index 5ee54ac..283974b 100644
--- a/src/tools/sss_seed.c
+++ b/src/tools/sss_seed.c
@@ -224,6 +224,7 @@ static int seed_password_input_prompt(TALLOC_CTX *mem_ctx, char **_password)
 }
 password = talloc_strdup(tmp_ctx, temp);
+ sss_erase_mem_securely(temp, strlen(temp));
 if (password == NULL) {
 ret = ENOMEM;
 goto done;
@@ -250,6 +251,9 @@ static int seed_password_input_prompt(TALLOC_CTX *mem_ctx, char **_password)
 done:
 talloc_free(tmp_ctx);
+ if (temp != NULL) {
+ sss_erase_mem_securely(temp, strlen(temp));
+ }
 return ret;
 }
@@ -335,10 +339,14 @@ static int seed_password_input_file(TALLOC_CTX *mem_ctx,
 goto done;
 }
+ talloc_set_destructor((TALLOC_CTX *)password,
+ sss_erase_talloc_mem_securely);
+
 *_password = talloc_steal(mem_ctx, password);
 done:
 talloc_free(tmp_ctx);
+ sss_erase_mem_securely(buf, sizeof(buf));
 return ret;
 }
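Review bot: In the first hunk of seed_password_input_prompt, the talloc copy `password` still holds the cleartext after `temp` is wiped, and nothing visible registers a wiping destructor on it. The `talloc_free(tmp_ctx)` at `done:` would therefore release that copy unzeroed on a failure path, and the caller would free the stolen copy unzeroed on success. Unless this is already handled in lines outside the hunk, add `talloc_set_destructor((TALLOC_CTX *)password, sss_erase_talloc_mem_securely);` right after the NULL check, as the seed_password_input_file hunk does. The function body starts and ends outside this hunk.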
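Review bot: The `temp != NULL` guard added at `done:` in seed_password_input_prompt is only sound if `temp` is initialised to NULL at its declaration, which is outside this hunk. Any `goto done` taken before `temp` is first assigned would otherwise hand an indeterminate pointer to `strlen`. Once that is confirmed, a comment above the guard such as `/* wipe the prompt buffer on every exit path, including errors */` would record why the erase sits after the label rather than next to the last use.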
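Review bot: `sss_erase_mem_securely(buf, sizeof(buf))` at `done:` in seed_password_input_file clears the whole buffer only if `buf` is declared as an array in this function. Its declaration is outside the hunk, and if it were a pointer, `sizeof` would cover only the pointer width. The destructor set on `password` also runs only when the chunk is released through talloc, so the ownership contract deserves a comment above the steal, e.g. `/* caller must talloc_free() *_password; the destructor wipes it */`.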