On Tue, Aug 12, 2014 at 6:10 PM, Jonathon Jongsma <jjongsma@xxxxxxxxxx> wrote:
When collect_credentials() returns a failure status, 'username' was
potentially leaked.
---
src/remote-viewer.c | 11 +++++------
1 file changed, 5 insertions(+), 6 deletions(-)
Fixed leak mentioned by Christophe
diff --git a/src/remote-viewer.c b/src/remote-viewer.c
index 30f8444..1f2fa0d 100644
--- a/src/remote-viewer.c
+++ b/src/remote-viewer.c
@@ -717,17 +717,16 @@ authenticate_cb(RestProxy *proxy, G_GNUC_UNUSED RestProxyAuth *auth,
"oVirt",
NULL,
&username, &password);
- if (ret < 0) {
- return FALSE;
- } else {
+ if (ret == 0) {
g_object_set(G_OBJECT(proxy),
"username", username,
"password", password,
NULL);
- g_free(username);
- g_free(password);
- return TRUE;
}
+
+ g_free(username);
+ g_free(password);
+ return (ret == 0);
}
--
1.9.3
_______________________________________________
virt-tools-list mailing list
virt-tools-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/virt-tools-list
ACK!
-- Fabiano Fidêncio
_______________________________________________ virt-tools-list mailing list virt-tools-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/virt-tools-list
