From 18fd4964f66ab297a5540f38f5dd6fb22b8e4572 Mon Sep 17 00:00:00 2001
From: Werner Koch <wk@gnupg.org>
Date: Mon, 20 Dec 2004 08:32:56 +0000
Subject: * call-scd.c (init_membuf, put_membuf, get_membuf): Removed.  We now
 use the identical implementation from ../common/membuf.c.

* pksign.c (agent_pksign): Changed arg OUTFP to OUTBUF and use
membuf functions to return the value.
* pkdecrypt.c (agent_pkdecrypt): Ditto.
* genkey.c (agent_genkey): Ditto.
* command.c (cmd_pksign, cmd_pkdecrypt, cmd_genkey): Replaced
assuan_get_data_fp() by a the membuf scheme.
(clear_outbuf, write_and_clear_outbuf): New.

* membuf.c (put_membuf): Wipe out buffer after a failed realloc.
---
 common/membuf.c | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'common/membuf.c')

diff --git a/common/membuf.c b/common/membuf.c
index 69e4ab908..75f6bdb2a 100644
--- a/common/membuf.c
+++ b/common/membuf.c
@@ -60,6 +60,11 @@ put_membuf (membuf_t *mb, const void *buf, size_t len)
       if (!p)
         {
           mb->out_of_core = errno;
+          /* Wipe out what we already accumulated.  This is required
+             in case we are storing sensitive data here.  The membuf
+             API does not provide another way to cleanup after an
+             error. */ 
+          memset (mb->buf, 0, mb->len);
           return;
         }
       mb->buf = p;
-- 
cgit v1.2.3