From e5e87497b1bfc06f8a25e78f5bce38ebfb59b763 Mon Sep 17 00:00:00 2001
From: Luke Howard <lukeh@padl.com>
Date: Fri, 7 Jan 2022 14:58:38 +1100
Subject: [PATCH] hdb: use memset_s to zero HDB keys

---
 lib/hdb/hdb.c | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/lib/hdb/hdb.c b/lib/hdb/hdb.c
index 3978048ad..347e00504 100644
--- a/lib/hdb/hdb.c
+++ b/lib/hdb/hdb.c
@@ -359,9 +359,10 @@ hdb_enctype2key(krb5_context context,
 void
 hdb_free_key(Key *key)
 {
-    memset(key->key.keyvalue.data,
-	   0,
-	   key->key.keyvalue.length);
+    memset_s(key->key.keyvalue.data,
+	     key->key.keyvalue.length,
+	     0,
+	     key->key.keyvalue.length);
     free_Key(key);
     free(key);
 }
@@ -407,7 +408,10 @@ hdb_free_entry(krb5_context context, hdb_entry_ex *ent)
     for(i = 0; i < ent->entry.keys.len; i++) {
 	k = &ent->entry.keys.val[i];
 
-	memset (k->key.keyvalue.data, 0, k->key.keyvalue.length);
+	memset_s(k->key.keyvalue.data,
+		 k->key.keyvalue.length,
+		 0,
+		 k->key.keyvalue.length);
     }
     free_HDB_entry(&ent->entry);
 }