diff options
| author | Christophe Fergeau <cfergeau@redhat.com> | 2014-09-02 18:42:45 +0200 |
|---|---|---|
| committer | Christophe Fergeau <cfergeau@redhat.com> | 2014-09-03 10:23:44 +0200 |
| commit | f8d82acaa268d45c5a071216524ba0b9a5da479f (patch) | |
| tree | be3063937c275a10ede115b78a2762ed32bc53ea | |
| parent | 92a063498d3f23c1fefe4ee70d86c329e325c1ad (diff) | |
| download | librest-f8d82acaa268d45c5a071216524ba0b9a5da479f.tar.gz | |
oauth: Don't leak RestProxyCall::token{_secret}
https://bugzilla.gnome.org/show_bug.cgi?id=735922
| -rw-r--r-- | rest/oauth-proxy-call.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/rest/oauth-proxy-call.c b/rest/oauth-proxy-call.c index ac94492..dce2c66 100644 --- a/rest/oauth-proxy-call.c +++ b/rest/oauth-proxy-call.c @@ -340,6 +340,8 @@ oauth_proxy_call_parse_token_response (OAuthProxyCall *call) form = soup_form_decode (rest_proxy_call_get_payload (REST_PROXY_CALL (call))); + g_free (priv->token); + g_free (priv->token_secret); priv->token = g_strdup (g_hash_table_lookup (form, "oauth_token")); priv->token_secret = g_strdup (g_hash_table_lookup (form, "oauth_token_secret")); /* This header should only exist for request_token replies, but its easier just to always check it */ |