krb5: always zero elastic storage

Elastic storage (returned from krb5_storage_emem()) often contains secret keys.
Ensure memory is zeroed on free using memset_s() rather than memset().

diff --git a/lib/krb5/store_emem.c b/lib/krb5/store_emem.c
index 6d95bcf525a8850540f5713449f95ef9de12f66b..d3eef5b1e12dee2fd9a32fe727ce7a53b933bae1 100644 (file)
--- a/lib/krb5/store_emem.c
+++ b/lib/krb5/store_emem.c
@@ -139,7 +139,7 @@ static void
 emem_free(krb5_storage *sp)
 {
     emem_storage *s = sp->data;
-    memset(s->base, 0, s->len);
+    memset_s(s->base, s->len, 0, s->len);
     free(s->base);
 }