author | Antonio Cardace <acardace@redhat.com> | 2019-12-18 13:42:06 +0100 |
---|---|---|
committer | Antonio Cardace <acardace@redhat.com> | 2019-12-18 13:47:52 +0100 |
commit | 27776a1d97e1375d8d1b229f7128243738a41b4a (patch) | |
tree | 487c072328569cae9ca2289109a3cbea8c9240aa | |
parent | cfc418f8876a7adab0e23bbd10fe9725c7b60b2e (diff) | |
download | NetworkManager-27776a1d97e1375d8d1b229f7128243738a41b4a.tar.gz |
common: readline: fix memory leak of plain text secret
ac/readline_fix_leaks
After a user entered a secret it would get stored in the readline
history data structure (in plain text) and eventually get leaked.
This commit instructs readline to not store any secret in its
history.
-rw-r--r-- | clients/cli/common.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/clients/cli/common.c b/clients/cli/common.c index b5e684cecb..326d7da530 100644 --- a/clients/cli/common.c +++ b/clients/cli/common.c @@ -1005,7 +1005,7 @@ nmc_readline_echo (const NmcConfig *nmc_config, va_list args; gs_free char *prompt = NULL; char *str; - HISTORY_STATE *saved_history; + gs_free HISTORY_STATE *saved_history = NULL; HISTORY_STATE passwd_history = { 0, }; va_start (args, prompt_fmt); @@ -1018,6 +1018,10 @@ nmc_readline_echo (const NmcConfig *nmc_config, if (!echo_on) { saved_history = history_get_history_state (); history_set_history_state (&passwd_history); + /* stifling history is important as it tells readline to + * not store anything, otherwise sensitive data could be + * leaked */ + stifle_history (0); rl_redisplay_function = nmc_secret_redisplay; } |
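Review bot: in the first hunk (@@ -1005,7), the new gs_free on saved_history releases a readline allocation through g_free(): the pointer is assigned from history_get_history_state () in the second hunk, and readline allocates that struct itself. That is fine wherever g_free() ends up in the system free(), but a short comment at the declaration stating the assumption would save the next reader the lookup. Two related points: the commit message only talks about the secret staying in history, while this line fixes a separate leak of the HISTORY_STATE struct, so the message should mention both (or the change should be split); and the restore path, which is outside the visible context, should be checked for a manual free of saved_history, which would now be a double free.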
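Review bot: in the second hunk (@@ -1018,6), stifle_history (0) inside the !echo_on branch has no visible counterpart that lifts the limit again. The stifle limit is global readline state kept apart from the entries that history_set_history_state () swaps, so restoring saved_history later does not by itself undo it, and prompts after the secret prompt could silently stop recording history. Please confirm that the restore path calls unstifle_history () (or re-applies the previous limit, which unstifle_history () returns), and add it next to the line that resets rl_redisplay_function if it is missing. The new comment could also say that the limit is temporary and where it is undone.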