diff options
author | Jonathon Jongsma <jjongsma@redhat.com> | 2014-08-12 11:01:46 -0500 |
---|---|---|
committer | Jonathon Jongsma <jjongsma@redhat.com> | 2014-08-26 16:54:01 -0500 |
commit | b7c80494606c0dbfbae305411ad0080a5ef9282c (patch) | |
tree | 10de1fd8d5bcadf7ba254409277ecf3535498488 /src/remote-viewer.c | |
parent | ad8966ccf93d10ee21d43328b3970e8857570584 (diff) | |
download | virt-viewer-b7c80494606c0dbfbae305411ad0080a5ef9282c.tar.gz virt-viewer-b7c80494606c0dbfbae305411ad0080a5ef9282c.tar.xz virt-viewer-b7c80494606c0dbfbae305411ad0080a5ef9282c.zip |
Auth: fix leak of username
When collect_credentials() returns a failure status, 'username' was
potentially leaked.
Diffstat (limited to 'src/remote-viewer.c')
-rw-r--r-- | src/remote-viewer.c | 11 |
1 files changed, 5 insertions, 6 deletions
diff --git a/src/remote-viewer.c b/src/remote-viewer.c index cb43365..89ad227 100644 --- a/src/remote-viewer.c +++ b/src/remote-viewer.c @@ -744,17 +744,16 @@ authenticate_cb(RestProxy *proxy, G_GNUC_UNUSED RestProxyAuth *auth, "oVirt", NULL, &username, &password); - if (ret < 0) { - return FALSE; - } else { + if (ret == 0) { g_object_set(G_OBJECT(proxy), "username", username, "password", password, NULL); - g_free(username); - g_free(password); - return TRUE; } + + g_free(username); + g_free(password); + return (ret == 0); } |