Fix leak of PINs from ipsec.secrets
authorMartin Willi <martin@revosec.ch>
Thu, 4 Oct 2012 12:45:10 +0000 (14:45 +0200)
committerMartin Willi <martin@revosec.ch>
Tue, 9 Oct 2012 09:54:00 +0000 (11:54 +0200)
src/libcharon/plugins/stroke/stroke_cred.c

index ebc09c0..5ecaa35 100644 (file)
@@ -666,7 +666,7 @@ static bool load_pin(private_stroke_cred_t *this, chunk_t line, int line_nr,
                free(secret.ptr);
                if (!prompt)
                {       /* no IO channel to prompt, skip */
-                       free(chunk.ptr);
+                       chunk_clear(&chunk);
                        return TRUE;
                }
                /* use callback credential set to prompt for the pin */
@@ -719,6 +719,7 @@ static bool load_pin(private_stroke_cred_t *this, chunk_t line, int line_nr,
                lib->credmgr->remove_local_set(lib->credmgr, &cb->set);
                cb->destroy(cb);
        }
+       chunk_clear(&chunk);
 
        if (key)
        {