[tokkee]

tokkee.org

Code

projects / ncmpc.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 65804e7)
screen_utils: check for NULL password
authorMax Kellermann <max@duempel.org>
Mon, 17 Nov 2008 17:28:57 +0000 (18:28 +0100)
committerMax Kellermann <max@duempel.org>
Mon, 17 Nov 2008 17:28:57 +0000 (18:28 +0100)
Fix a NULL pointer dereference and a memory leak: check if
screen_read_password() returns NULL, and don't call
mpd_sendPasswordCommand(NULL) in this case.  Free the password
when done.

src/screen_utils.c patch | blob | history

diff --git a/src/screen_utils.c b/src/screen_utils.c
index 308d049f4802ab0bdda2576083a0c9110255b579..ff3fffa44ce66961ea14cc2bb1d015729e78cf89 100644 (file)
--- a/src/screen_utils.c
+++ b/src/screen_utils.c
@@ -121,10 +121,19 @@ screen_read_password(WINDOW *w, const char *prompt)
 static gint
 _screen_auth(struct mpdclient *c, gint recursion)
 {
+       char *password;
+
        mpd_clearError(c->connection);
        if (recursion > 2)
                return 1;
-       mpd_sendPasswordCommand(c->connection,  screen_read_password(NULL, NULL));
+
+       password = screen_read_password(NULL, NULL);
+       if (password == NULL)
+               return 1;
+
+       mpd_sendPasswordCommand(c->connection, password);
+       g_free(password);
+
        mpd_finishCommand(c->connection);
        mpdclient_update(c);
        if (c->connection->errorCode == MPD_ACK_ERROR_PASSWORD)
ncurses-based Music Player Daemon client (clone)