[linux-cifs-client] Possible password left in buffer
Jeff Layton
jlayton at samba.org
Fri Apr 16 05:12:08 MDT 2010
On Thu, 15 Apr 2010 01:06:55 -0400
Scott Lovenberg <scott.lovenberg at gmail.com> wrote:
> Just wondering if SAFE_FREE(char*) has to be called on temp_val in
> open_cred_file() of mount.cifs.c. Unless I'm missing something, a parsed
> password will be left in temp_val because it never gets zeroed out.
>
Yeah, looks like something that should be fixed. In fact, that whole
function needs some overhaul -- the magic 4096/4086/4087 numbers in it
are pretty yucky and make it hard to tell what's going on. That should
use a #define'd constant. Also, the user= field should probably be
fixed so that it uses parse_username() too.
Care to send a patch? If not, I'll plan to fix that sometime before the
next release.
Thanks,
--
Jeff Layton <jlayton at samba.org>
More information about the linux-cifs-client
mailing list