PR/34030: Takehiko NOZAKI: Allways allocate the cvs password returned
in the get_cvs_password() function to simplify the code and avoid leaks.
This commit is contained in:
parent
cf30106955
commit
3dbe70d846
7
gnu/dist/xcvs/src/client.c
vendored
7
gnu/dist/xcvs/src/client.c
vendored
@ -3936,11 +3936,8 @@ auth_server (root, lto_server, lfrom_server, verify_only, do_gssapi)
|
||||
send_to_server("\012", 1);
|
||||
|
||||
/* Paranoia. */
|
||||
if (no_passwd)
|
||||
{
|
||||
memset (password, 0, strlen (password));
|
||||
free (password);
|
||||
}
|
||||
memset (password, 0, strlen (password));
|
||||
free (password);
|
||||
# else /* ! AUTH_CLIENT_SUPPORT */
|
||||
error (1, 0, "INTERNAL ERROR: This client does not support pserver authentication");
|
||||
# endif /* AUTH_CLIENT_SUPPORT */
|
||||
|
3
gnu/dist/xcvs/src/login.c
vendored
3
gnu/dist/xcvs/src/login.c
vendored
@ -569,7 +569,6 @@ login (argc, argv)
|
||||
memset (typed_password, 0, strlen (typed_password));
|
||||
free (typed_password);
|
||||
|
||||
memset (cvs_password, 0, strlen (cvs_password));
|
||||
free (cvs_password);
|
||||
free (cvsroot_canonical);
|
||||
cvs_password = NULL;
|
||||
@ -592,7 +591,7 @@ get_cvs_password ()
|
||||
context, then assume they have supplied the correct, scrambled
|
||||
password. */
|
||||
if (cvs_password)
|
||||
return cvs_password;
|
||||
return xstrdup (cvs_password);
|
||||
|
||||
if (getenv ("CVS_PASSWORD") != NULL)
|
||||
{
|
||||
|
Loading…
Reference in New Issue
Block a user