lib:util: Check memset_s() error code in talloc_keep_secret_destructor()

Panic if memset_s() fails.

Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz>
Reviewed-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Andrew Bartlett <abartlet@samba.org>
(cherry picked from commit 03a50d8f7d872b6ef701d1207061c88b73d171bb)

diff --git a/lib/util/talloc_keep_secret.c b/lib/util/talloc_keep_secret.c
index d6aa38265f650942cec7bf0f91669b2b24eecac1..c427406cbbae2ece97ac41778c6b6e950a5f2b80 100644 (file)
--- a/lib/util/talloc_keep_secret.c
+++ b/lib/util/talloc_keep_secret.c
@@ -20,13 +20,26 @@
 
 static int talloc_keep_secret_destructor(void *ptr)
 {
+       int ret;
        size_t size = talloc_get_size(ptr);
 
        if (unlikely(size == 0)) {
                return 0;
        }
 
-       memset_s(ptr, size, 0, size);
+       ret = memset_s(ptr, size, 0, size);
+       if (unlikely(ret != 0)) {
+               char *msg = NULL;
+               int ret2;
+               ret2 = asprintf(&msg,
+                               "talloc_keep_secret_destructor: memset_s() failed: %s",
+                               strerror(ret));
+               if (ret2 != -1) {
+                       smb_panic(msg);
+               } else {
+                       smb_panic("talloc_keep_secret_destructor: memset_s() failed");
+               }
+       }
 
        return 0;
 }