svl: clear temporary copies of passwords in SvlPasswordHelper

This is an obvious place to start, but there might be more copies
elsewhere.

Change-Id: I3c3ea6cb54f40fe5c21c3128b55aeaad1ff74b42
Reviewed-on: https://gerrit.libreoffice.org/49669Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Michael Stahl <mstahl@redhat.com>

svl/source/misc/PasswordHelper.cxx

@@ -33,6 +33,7 @@ void SvPasswordHelper::GetHashPasswordSHA256(uno::Sequence<sal_Int8>& rPassHash,
         ::comphelper::HashType::SHA256));
     rPassHash.realloc(hash.size());
     ::std::copy(hash.begin(), hash.end(), rPassHash.begin());
+    rtl_secureZeroMemory(const_cast<sal_Char *>(tmp.getStr()), tmp.getLength());
 }
 
 void SvPasswordHelper::GetHashPasswordSHA1UTF8(uno::Sequence<sal_Int8>& rPassHash, OUString const& rPassword)
@@ -43,6 +44,7 @@ void SvPasswordHelper::GetHashPasswordSHA1UTF8(uno::Sequence<sal_Int8>& rPassHas
         ::comphelper::HashType::SHA1));
     rPassHash.realloc(hash.size());
     ::std::copy(hash.begin(), hash.end(), rPassHash.begin());
+    rtl_secureZeroMemory(const_cast<sal_Char *>(tmp.getStr()), tmp.getLength());
 }
 
 void SvPasswordHelper::GetHashPassword(uno::Sequence<sal_Int8>& rPassHash, const sal_Char* pPass, sal_uInt32 nLen)
@@ -69,6 +71,7 @@ void SvPasswordHelper::GetHashPasswordLittleEndian(uno::Sequence<sal_Int8>& rPas
     }
 
     GetHashPassword(rPassHash, pCharBuffer.get(), nSize * sizeof(sal_Unicode));
+    rtl_secureZeroMemory(pCharBuffer.get(), nSize * sizeof(sal_Unicode));
 }
 
 void SvPasswordHelper::GetHashPasswordBigEndian(uno::Sequence<sal_Int8>& rPassHash, const OUString& sPass)
@@ -84,6 +87,7 @@ void SvPasswordHelper::GetHashPasswordBigEndian(uno::Sequence<sal_Int8>& rPassHa
     }
 
     GetHashPassword(rPassHash, pCharBuffer.get(), nSize * sizeof(sal_Unicode));
+    rtl_secureZeroMemory(pCharBuffer.get(), nSize * sizeof(sal_Unicode));
 }
 
 void SvPasswordHelper::GetHashPassword(uno::Sequence<sal_Int8>& rPassHash, const OUString& sPass)