contrib/git-credential-gnome-keyring.c: use secure memory for reading passwords
gnome-keyring provides functions to allocate non-pageable memory (if possible). Let's use them to allocate memory that may be used to hold secure data read from the keyring. Signed-off-by: Brandon Casey <drafnel@gmail.com> Signed-off-by: Junio C Hamano <gitster@pobox.com>maint
Brandon Casey
Junio C Hamano
parent
9fe3e6cf9e
commit
da2727f23c
|
|
@ -289,12 +289,14 @@ static void credential_clear(struct credential *c)
|
||||||
|
|
||||||
static int credential_read(struct credential *c)
|
static int credential_read(struct credential *c)
|
||||||
{
|
{
|
||||||
char buf[1024];
|
char *buf;
|
||||||
size_t line_len;
|
size_t line_len;
|
||||||
char *key = buf;
|
char *key;
|
||||||
char *value;
|
char *value;
|
||||||
|
|
||||||
while (fgets(buf, sizeof(buf), stdin))
|
key = buf = gnome_keyring_memory_alloc(1024);
|
||||||
|
|
||||||
|
while (fgets(buf, 1024, stdin))
|
||||||
{
|
{
|
||||||
line_len = strlen(buf);
|
line_len = strlen(buf);
|
||||||
|
|
||||||
|
|
@ -307,6 +309,7 @@ static int credential_read(struct credential *c)
|
||||||
value = strchr(buf,'=');
|
value = strchr(buf,'=');
|
||||||
if (!value) {
|
if (!value) {
|
||||||
warning("invalid credential line: %s", key);
|
warning("invalid credential line: %s", key);
|
||||||
|
gnome_keyring_memory_free(buf);
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
*value++ = '\0';
|
*value++ = '\0';
|
||||||
|
|
@ -339,6 +342,9 @@ static int credential_read(struct credential *c)
|
||||||
* learn new lines, and the helpers are updated to match.
|
* learn new lines, and the helpers are updated to match.
|
||||||
*/
|
*/
|
||||||
}
|
}
|
||||||
|
|
||||||
|
gnome_keyring_memory_free(buf);
|
||||||
|
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue