From dbd0bde41563bc6c29862a1e475b085ec0c66557 Mon Sep 17 00:00:00 2001
From: Simon Tatham <anakin@pobox.com>
Date: Thu, 24 Nov 2022 12:30:18 +0000
Subject: [PATCH] New utility function burnwcs().

Just like burnstr(), it memsets a NUL-terminated string to all zeroes
before freeing it. The only difference is that it does it to a string
of wchar_t.
---
 misc.h               |  1 +
 utils/CMakeLists.txt |  1 +
 utils/burnwcs.c      | 18 ++++++++++++++++++
 3 files changed, 20 insertions(+)
 create mode 100644 utils/burnwcs.c

diff --git a/misc.h b/misc.h
index a0e686a3..46dded1b 100644
--- a/misc.h
+++ b/misc.h
@@ -31,6 +31,7 @@ char *dupcat_fn(const char *s1, ...);
 char *dupprintf(const char *fmt, ...) PRINTF_LIKE(1, 2);
 char *dupvprintf(const char *fmt, va_list ap);
 void burnstr(char *string);
+void burnwcs(wchar_t *string);
 
 /*
  * The visible part of a strbuf structure. There's a surrounding
diff --git a/utils/CMakeLists.txt b/utils/CMakeLists.txt
index 3cf1cbd9..3e43d4d7 100644
--- a/utils/CMakeLists.txt
+++ b/utils/CMakeLists.txt
@@ -9,6 +9,7 @@ add_sources_from_current_dir(utils
   bufchain.c
   buildinfo.c
   burnstr.c
+  burnwcs.c
   cert-expr.c
   chomp.c
   cmdline_get_passwd_input_state_new.c
diff --git a/utils/burnwcs.c b/utils/burnwcs.c
new file mode 100644
index 00000000..15d325f1
--- /dev/null
+++ b/utils/burnwcs.c
@@ -0,0 +1,18 @@
+/*
+ * 'Burn' a dynamically allocated wide string, in the sense of
+ * destroying it beyond recovery: overwrite it with zeroes and then
+ * free it.
+ */
+
+#include <wchar.h>
+
+#include "defs.h"
+#include "misc.h"
+
+void burnwcs(wchar_t *string)
+{
+    if (string) {
+        smemclr(string, sizeof(*string) * wcslen(string));
+        sfree(string);
+    }
+}