The branch, v3-2-stable has been updated
via 0f642f6da629714f32e3442cdf1dda8bd6e07cd9 (commit)
from 1c8be8e90a6aba639e6ac6bf5ffb50054970ebf9 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-stable
- Log -----------------------------------------------------------------
commit 0f642f6da629714f32e3442cdf1dda8bd6e07cd9
Author: Karolin Seeger <[EMAIL PROTECTED]>
Date: Fri Apr 25 12:07:28 2008 +0200
mount.cifs: Zero mountpassword content before freeing.
Karolin
(cherry picked from commit d99a31848bd2172c15500dd61ce30fef963c1ac6)
-----------------------------------------------------------------------
Summary of changes:
source/client/mount.cifs.c | 27 ++++++++++++++++++++++++---
1 files changed, 24 insertions(+), 3 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source/client/mount.cifs.c b/source/client/mount.cifs.c
index 1b67a5e..7432dac 100644
--- a/source/client/mount.cifs.c
+++ b/source/client/mount.cifs.c
@@ -160,6 +160,9 @@ static void mount_cifs_usage(void)
printf("\nTo display the version number of the mount helper:");
printf("\n\t%s -V\n",thisprogram);
+ if(mountpassword) {
+ memset(mountpassword,0,MOUNT_PASSWD_SIZE);
+ }
SAFE_FREE(mountpassword);
exit(1);
}
@@ -219,6 +222,9 @@ static int open_cred_file(char * file_name)
if(length > 4086) {
printf("mount.cifs failed due to
malformed username in credentials file");
memset(line_buf,0,4096);
+ if(mountpassword) {
+
memset(mountpassword,0,MOUNT_PASSWD_SIZE);
+ }
exit(1);
} else {
got_user = 1;
@@ -285,6 +291,9 @@ static int open_cred_file(char * file_name)
}
fclose(fs);
+ if(line_buf) {
+ memset(line_buf,0,4096);
+ }
SAFE_FREE(line_buf);
return 0;
}
@@ -319,6 +328,7 @@ static int get_password_from_file(int file_descript, char *
filename)
rc = read(file_descript,&c,1);
if(rc < 0) {
printf("mount.cifs failed. Error %s reading password
file\n",strerror(errno));
+ memset(mountpassword,0,MOUNT_PASSWD_SIZE);
if(filename != NULL)
close(file_descript);
exit(1);
@@ -1109,6 +1119,9 @@ int main(int argc, char ** argv)
MOUNT_CIFS_VERSION_MAJOR,
MOUNT_CIFS_VERSION_MINOR,
MOUNT_CIFS_VENDOR_SUFFIX);
+ if(mountpassword) {
+ memset(mountpassword,0,MOUNT_PASSWD_SIZE);
+ }
exit (0);
case 'w':
flags &= ~MS_RDONLY;
@@ -1194,7 +1207,7 @@ int main(int argc, char ** argv)
if (getenv("PASSWD")) {
if(mountpassword == NULL)
- mountpassword = (char *)calloc(65,1);
+ mountpassword = (char *)calloc(MOUNT_PASSWD_SIZE+1,1);
if(mountpassword) {
strlcpy(mountpassword,getenv("PASSWD"),MOUNT_PASSWD_SIZE);
got_password = 1;
@@ -1429,8 +1442,16 @@ mount_exit:
SAFE_FREE(mountpassword);
}
- SAFE_FREE(options);
- SAFE_FREE(orgoptions);
+ if(options) {
+ memset(options,0,optlen);
+ SAFE_FREE(options);
+ }
+
+ if(orgoptions) {
+ memset(orgoptions,0,orgoptlen);
+ SAFE_FREE(orgoptions);
+ }
+
SAFE_FREE(resolved_path);
SAFE_FREE(share_name);
return rc;
--
Samba Shared Repository
