[vlc-commits] keystore: fix use-after-free
Thomas Guillem
git at videolan.org
Sun Jan 24 12:18:59 CET 2016
vlc | branch: master | Thomas Guillem <thomas at gllm.fr> | Sun Jan 24 12:18:14 2016 +0100| [3ec1162527b4f16e47b01fff4d6ca0d18957c48e] | committer: Thomas Guillem
keystore: fix use-after-free
> http://git.videolan.org/gitweb.cgi/vlc.git/?a=commit;h=3ec1162527b4f16e47b01fff4d6ca0d18957c48e
---
src/misc/keystore.c | 20 ++++++++++++--------
1 file changed, 12 insertions(+), 8 deletions(-)
diff --git a/src/misc/keystore.c b/src/misc/keystore.c
index e44e605..62c7603 100644
--- a/src/misc/keystore.c
+++ b/src/misc/keystore.c
@@ -393,21 +393,25 @@ vlc_credential_get(vlc_credential *p_credential, vlc_object_t *p_parent,
case GET_FROM_DIALOG:
if (!psz_dialog_title || !psz_dialog_fmt)
return false;
+ char *psz_dialog_username = NULL;
+ char *psz_dialog_password = NULL;
- free(p_credential->psz_dialog_username);
- free(p_credential->psz_dialog_password);
- p_credential->psz_dialog_username =
- p_credential->psz_dialog_password = NULL;
-
- /* TODO: save previously saved username and print it in dialog */
va_list ap;
va_start(ap, psz_dialog_fmt);
dialog_vaLogin(p_parent, p_credential->psz_username,
- &p_credential->psz_dialog_username,
- &p_credential->psz_dialog_password,
+ &psz_dialog_username, &psz_dialog_password,
p_credential->p_keystore ? &p_credential->b_store : NULL,
psz_dialog_title, psz_dialog_fmt, ap);
va_end(ap);
+
+ /* Free previous dialog strings after dialog_vaLogin call since
+ * p_credential->psz_username (default username) can be a pointer
+ * to p_credential->psz_dialog_username */
+ free(p_credential->psz_dialog_username);
+ free(p_credential->psz_dialog_password);
+ p_credential->psz_dialog_username = psz_dialog_username;
+ p_credential->psz_dialog_password = psz_dialog_password;
+
if (p_credential->psz_dialog_username
&& p_credential->psz_dialog_password)
{
More information about the vlc-commits
mailing list