diff options
Diffstat (limited to 'src/libstrongswan')
-rw-r--r-- | src/libstrongswan/asn1/asn1.c | 11 | ||||
-rw-r--r-- | src/libstrongswan/asn1/asn1.h | 6 |
2 files changed, 14 insertions, 3 deletions
diff --git a/src/libstrongswan/asn1/asn1.c b/src/libstrongswan/asn1/asn1.c index ec46b165b..ea6702df9 100644 --- a/src/libstrongswan/asn1/asn1.c +++ b/src/libstrongswan/asn1/asn1.c @@ -832,9 +832,16 @@ chunk_t asn1_wrap(asn1_t type, const char *mode, ...) memcpy(pos, ch.ptr, ch.len); pos += ch.len; - if (*mode++ == 'm') + switch (*mode++) { - free(ch.ptr); + case 's': + chunk_clear(&ch); + break; + case 'm': + free(ch.ptr); + break; + default: + break; } } va_end(chunks); diff --git a/src/libstrongswan/asn1/asn1.h b/src/libstrongswan/asn1/asn1.h index 8072d62d6..6ed9bf416 100644 --- a/src/libstrongswan/asn1/asn1.h +++ b/src/libstrongswan/asn1/asn1.h @@ -250,8 +250,12 @@ chunk_t asn1_integer(const char *mode, chunk_t content); /** * Build an ASN.1 object from a variable number of individual chunks * + * The mode string specifies the number of chunks, and how to handle each of + * them with a single character: 'c' for copy (allocate new chunk), 'm' for move + * (free given chunk) or 's' for sensitive-copy (clear given chunk, then free). + * * @param type ASN.1 type to be created - * @param mode for each list member: 'c' for copy or 'm' for move + * @param mode for each list member: 'c', 'm' or 's' * @return chunk containing the ASN.1 coded object */ chunk_t asn1_wrap(asn1_t type, const char *mode, ...); |