Aren/NetBSD
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

PR/34030: Takehiko NOZAKI: Allways allocate the cvs password returned

Browse Source 
in the get_cvs_password() function to simplify the code and avoid leaks.
This commit is contained in:
christos 2006-07-24 18:11:19 +00:00
parent cf30106955
commit 3dbe70d846
2 changed files with 3 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
gnu/dist/xcvs/src/client.c vendored
View File

@ -3936,11 +3936,8 @@ auth_server (root, lto_server, lfrom_server, verify_only, do_gssapi)
send_to_server("\012", 1); send_to_server("\012", 1);
/* Paranoia. */ /* Paranoia. */
if (no_passwd) memset (password, 0, strlen (password));
{ free (password);
memset (password, 0, strlen (password));
free (password);
}
# else /* ! AUTH_CLIENT_SUPPORT */ # else /* ! AUTH_CLIENT_SUPPORT */
error (1, 0, "INTERNAL ERROR: This client does not support pserver authentication"); error (1, 0, "INTERNAL ERROR: This client does not support pserver authentication");
# endif /* AUTH_CLIENT_SUPPORT */ # endif /* AUTH_CLIENT_SUPPORT */

3
gnu/dist/xcvs/src/login.c vendored
View File

@ -569,7 +569,6 @@ login (argc, argv)
memset (typed_password, 0, strlen (typed_password)); memset (typed_password, 0, strlen (typed_password));
free (typed_password); free (typed_password);
memset (cvs_password, 0, strlen (cvs_password));
free (cvs_password); free (cvs_password);
free (cvsroot_canonical); free (cvsroot_canonical);
cvs_password = NULL; cvs_password = NULL;
@ -592,7 +591,7 @@ get_cvs_password ()
context, then assume they have supplied the correct, scrambled context, then assume they have supplied the correct, scrambled
password. */ password. */
if (cvs_password) if (cvs_password)
return cvs_password; return xstrdup (cvs_password);
if (getenv ("CVS_PASSWORD") != NULL) if (getenv ("CVS_PASSWORD") != NULL)
{ {