[vlc-commits] keychain: Pad user name if its read out from keychain
David Fuhrmann
git at videolan.org
Thu Apr 19 01:11:17 CEST 2018
vlc/vlc-3.0 | branch: master | David Fuhrmann <dfuhrmann at videolan.org> | Thu Apr 19 01:05:21 2018 +0200| [52d6aeb7d7ce02544aaea5c1936c490fac04da78] | committer: David Fuhrmann
keychain: Pad user name if its read out from keychain
Tests show that the username actually still needs to be padded.
Otherwise, crashes can occur in subsequent usage of username, as
it might contain garbage.
(cherry picked from commit 2cbb6f31d146ca38b47fadd1009ec8e876591d4f)
Signed-off-by: David Fuhrmann <dfuhrmann at videolan.org>
> http://git.videolan.org/gitweb.cgi/vlc/vlc-3.0.git/?a=commit;h=52d6aeb7d7ce02544aaea5c1936c490fac04da78
---
modules/keystore/keychain.m | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/modules/keystore/keychain.m b/modules/keystore/keychain.m
index e8c3ee98fa..09b2dc9c1c 100644
--- a/modules/keystore/keychain.m
+++ b/modules/keystore/keychain.m
@@ -399,7 +399,10 @@ static unsigned int Find(vlc_keystore *p_keystore,
case kSecAccountItemAttr:
if (!p_entry->ppsz_values[KEY_USER]) {
msg_Dbg(p_keystore, "using account name from the keychain for login");
- p_entry->ppsz_values[KEY_USER] = strdup((const char *)attr->data);
+
+ char *paddedName = calloc(1, attr->length + 1);
+ memcpy(paddedName, attr->data, attr->length);
+ p_entry->ppsz_values[KEY_USER] = paddedName;
}
break;
default:
More information about the vlc-commits
mailing list