author | Antonio Cardace <acardace@redhat.com> | 2019-12-18 13:42:06 +0100 |
---|---|---|
committer | Antonio Cardace <acardace@redhat.com> | 2019-12-18 16:14:48 +0100 |
commit | 725cc687106d6450bf6d6878e7d2936ddc56bca9 (patch) | |
tree | 89d40f3671a17bc4d5c0c43e6c1e30712e68a6c3 | |
parent | cfc418f8876a7adab0e23bbd10fe9725c7b60b2e (diff) | |
download | NetworkManager-725cc687106d6450bf6d6878e7d2936ddc56bca9.tar.gz |
common: readline: fix memory leak of plain text secret
After a user entered a secret it would get stored in the readline
history data structure (in plain text) and eventually get leaked.
This commit instructs readline to not store any secret in its
history and fixes a non-related memory leak.
-rw-r--r-- | clients/cli/common.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/clients/cli/common.c b/clients/cli/common.c index b5e684cecb..58879f6a51 100644 --- a/clients/cli/common.c +++ b/clients/cli/common.c @@ -1005,7 +1005,7 @@ nmc_readline_echo (const NmcConfig *nmc_config, va_list args; gs_free char *prompt = NULL; char *str; - HISTORY_STATE *saved_history; + nm_auto_free HISTORY_STATE *saved_history = NULL; HISTORY_STATE passwd_history = { 0, }; va_start (args, prompt_fmt); @@ -1018,6 +1018,10 @@ nmc_readline_echo (const NmcConfig *nmc_config, if (!echo_on) { saved_history = history_get_history_state (); history_set_history_state (&passwd_history); + /* stifling history is important as it tells readline to + * not store anything, otherwise sensitive data could be + * leaked */ + stifle_history (0); rl_redisplay_function = nmc_secret_redisplay; } |
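Review bot: In the declarations at the top of nmc_readline_echo, `nm_auto_free HISTORY_STATE *saved_history = NULL;` now frees the pointer at scope exit, but nothing in the hunk says why that is safe. Please add a one-line comment stating that the struct returned by history_get_history_state () is owned by the caller, which is what this change implies. Also confirm that every path that assigns saved_history restores it with history_set_history_state () before the function returns, because the restore is not in the visible context and the cleanup runs only at scope exit. The NULL initializer is required for the echo_on case, where the variable is never assigned, so it should stay.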
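Review bot: In the `if (!echo_on)` branch, `stifle_history (0);` changes a process-wide readline setting, and the visible lines show no matching unstifle_history () call. Please confirm that the restore path after the prompt undoes the stifle, or record whether history was stifled beforehand and reinstate that, otherwise later echo-on prompts in the same nmcli session could stop recording history. The new comment would also be clearer if it said that a limit of 0 entries is what keeps the secret out of passwd_history, since swapping in the empty history state alone did not prevent the entry from being stored.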