From ed42bca0dda48191ec20598c4b2f7b712c6b6353 Mon Sep 17 00:00:00 2001
From: Stefan Kost <ensonic@users.sf.net>
Date: Fri, 20 May 2011 00:16:00 +0300
Subject: librfb: don't leak password on error

---
 gst/librfb/vncauth.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'gst/librfb')

diff --git a/gst/librfb/vncauth.c b/gst/librfb/vncauth.c
index d6ce7e488..dc6817366 100644
--- a/gst/librfb/vncauth.c
+++ b/gst/librfb/vncauth.c
@@ -96,15 +96,18 @@ vncDecryptPasswdFromFile (char *fname)
 {
   FILE *fp;
   int32_t i, ch;
-  unsigned char *passwd = (unsigned char *) malloc (9);
+  unsigned char *passwd;
 
   if ((fp = fopen (fname, "r")) == NULL)
     return NULL;
 
+  passwd = (unsigned char *) malloc (9);
+
   for (i = 0; i < 8; i++) {
     ch = getc (fp);
     if (ch == EOF) {
       fclose (fp);
+      free (passwd);
       return NULL;
     }
     passwd[i] = ch;
-- 
cgit v1.2.1