nemunaire/eiwd
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

agent: document unavoidable passphrase residue in eldbus message

Browse source 
The passphrase is copied into the libdbus-owned outbound message buffer
and freed asynchronously by eldbus after the reply is sent — we cannot
wipe it ourselves. Callers already explicit_bzero their own copies; add
a comment so future readers don't mistake the missing wipe here for an
oversight.
This commit is contained in:
nemunaire 2026-04-29 15:00:13 +07:00
commit 282bc830ee
1 changed files with 6 additions and 0 deletions
Download patch file Download diff file Expand all files Collapse all files

6
src/iwd/iwd_agent.c
View file

@ -115,6 +115,12 @@ void
iwd_agent_reply(Iwd_Agent_Request *req, const char *passphrase) iwd_agent_reply(Iwd_Agent_Request *req, const char *passphrase)
{ {
if (!req) return; if (!req) return;
/* The passphrase is copied into the eldbus/libdbus marshalled message
* buffer here. We can't wipe that buffer ourselves eldbus owns it and
* frees it asynchronously after the call is sent. Callers are expected
* to explicit_bzero their own copy of `passphrase` after this returns;
* the residue inside the outbound D-Bus message is unavoidable at this
* boundary. */
Eldbus_Message *r = eldbus_message_method_return_new(req->msg); Eldbus_Message *r = eldbus_message_method_return_new(req->msg);
eldbus_message_arguments_append(r, "s", passphrase ? passphrase : ""); eldbus_message_arguments_append(r, "s", passphrase ? passphrase : "");
eldbus_connection_send(req->agent->conn, r, NULL, NULL, -1); eldbus_connection_send(req->agent->conn, r, NULL, NULL, -1);