diff options
author | Max Kellermann <max@duempel.org> | 2008-11-17 18:28:57 +0100 |
---|---|---|
committer | Max Kellermann <max@duempel.org> | 2008-11-17 18:28:57 +0100 |
commit | a0dc9549ee29dea1a9186204fc1c18985321752f (patch) | |
tree | 1b4e7c1429bd8bc737f780ce40cc136aa833b640 /src | |
parent | 65804e73eaed005b0f8114e5c6f03fa59341a2bc (diff) | |
download | mpd-a0dc9549ee29dea1a9186204fc1c18985321752f.tar.gz mpd-a0dc9549ee29dea1a9186204fc1c18985321752f.tar.xz mpd-a0dc9549ee29dea1a9186204fc1c18985321752f.zip |
screen_utils: check for NULL password
Fix a NULL pointer dereference and a memory leak: check if
screen_read_password() returns NULL, and don't call
mpd_sendPasswordCommand(NULL) in this case. Free the password
when done.
Diffstat (limited to 'src')
-rw-r--r-- | src/screen_utils.c | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/src/screen_utils.c b/src/screen_utils.c index 308d049f4..ff3fffa44 100644 --- a/src/screen_utils.c +++ b/src/screen_utils.c @@ -121,10 +121,19 @@ screen_read_password(WINDOW *w, const char *prompt) static gint _screen_auth(struct mpdclient *c, gint recursion) { + char *password; + mpd_clearError(c->connection); if (recursion > 2) return 1; - mpd_sendPasswordCommand(c->connection, screen_read_password(NULL, NULL)); + + password = screen_read_password(NULL, NULL); + if (password == NULL) + return 1; + + mpd_sendPasswordCommand(c->connection, password); + g_free(password); + mpd_finishCommand(c->connection); mpdclient_update(c); if (c->connection->errorCode == MPD_ACK_ERROR_PASSWORD) |