diff options
author | Brandon Casey <drafnel@gmail.com> | 2013-09-23 20:49:12 +0200 |
---|---|---|
committer | Junio C Hamano <gitster@pobox.com> | 2013-10-16 18:35:32 +0200 |
commit | da2727f23c68fb8cbda3cbd03e81141531166585 (patch) | |
tree | 5f30fdb81389d7d6ccb85aa3f32173be0d2cdd20 | |
parent | contrib/git-credential-gnome-keyring.c: use secure memory functions for passwds (diff) | |
download | git-da2727f23c68fb8cbda3cbd03e81141531166585.tar.xz git-da2727f23c68fb8cbda3cbd03e81141531166585.zip |
contrib/git-credential-gnome-keyring.c: use secure memory for reading passwords
gnome-keyring provides functions to allocate non-pageable memory (if
possible). Let's use them to allocate memory that may be used to hold
secure data read from the keyring.
Signed-off-by: Brandon Casey <drafnel@gmail.com>
Signed-off-by: Junio C Hamano <gitster@pobox.com>
-rw-r--r-- | contrib/credential/gnome-keyring/git-credential-gnome-keyring.c | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/contrib/credential/gnome-keyring/git-credential-gnome-keyring.c b/contrib/credential/gnome-keyring/git-credential-gnome-keyring.c index d8a7038a6e..5e79669469 100644 --- a/contrib/credential/gnome-keyring/git-credential-gnome-keyring.c +++ b/contrib/credential/gnome-keyring/git-credential-gnome-keyring.c @@ -289,12 +289,14 @@ static void credential_clear(struct credential *c) static int credential_read(struct credential *c) { - char buf[1024]; + char *buf; size_t line_len; - char *key = buf; + char *key; char *value; - while (fgets(buf, sizeof(buf), stdin)) + key = buf = gnome_keyring_memory_alloc(1024); + + while (fgets(buf, 1024, stdin)) { line_len = strlen(buf); @@ -307,6 +309,7 @@ static int credential_read(struct credential *c) value = strchr(buf,'='); if (!value) { warning("invalid credential line: %s", key); + gnome_keyring_memory_free(buf); return -1; } *value++ = '\0'; @@ -339,6 +342,9 @@ static int credential_read(struct credential *c) * learn new lines, and the helpers are updated to match. */ } + + gnome_keyring_memory_free(buf); + return 0; } |