From a0dc9549ee29dea1a9186204fc1c18985321752f Mon Sep 17 00:00:00 2001
From: Max Kellermann <max@duempel.org>
Date: Mon, 17 Nov 2008 18:28:57 +0100
Subject: [PATCH] screen_utils: check for NULL password

Fix a NULL pointer dereference and a memory leak: check if
screen_read_password() returns NULL, and don't call
mpd_sendPasswordCommand(NULL) in this case.  Free the password
when done.
---
 src/screen_utils.c | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/src/screen_utils.c b/src/screen_utils.c
index 308d049..ff3fffa 100644
--- a/src/screen_utils.c
+++ b/src/screen_utils.c
@@ -121,10 +121,19 @@ screen_read_password(WINDOW *w, const char *prompt)
 static gint
 _screen_auth(struct mpdclient *c, gint recursion)
 {
+	char *password;
+
 	mpd_clearError(c->connection);
 	if (recursion > 2)
 		return 1;
-	mpd_sendPasswordCommand(c->connection,  screen_read_password(NULL, NULL));
+
+	password = screen_read_password(NULL, NULL);
+	if (password == NULL)
+		return 1;
+
+	mpd_sendPasswordCommand(c->connection, password);
+	g_free(password);
+
 	mpd_finishCommand(c->connection);
 	mpdclient_update(c);
 	if (c->connection->errorCode == MPD_ACK_ERROR_PASSWORD)
-- 
2.30.2