mirror of
https://github.com/mozilla/gecko-dev.git
synced 2024-10-08 19:04:45 +00:00
Bug 1161686 - libmar's |SECU_GetModulePassword| can leak allocated string (command line build utility). Free unused return of GetPasswordString. r=bbondy
This commit is contained in:
parent
a5c51c2049
commit
2388d6503d
@ -219,7 +219,11 @@ SECU_GetModulePassword(PK11SlotInfo *slot, PRBool retry, void *arg)
|
||||
sprintf(prompt,
|
||||
"Press Enter, then enter PIN for \"%s\" on external device.\n",
|
||||
PK11_GetTokenName(slot));
|
||||
(void) GetPasswordString(NULL, prompt);
|
||||
pw = GetPasswordString(NULL, prompt);
|
||||
if (pw) {
|
||||
memset(pw, 0, PORT_Strlen(pw));
|
||||
PORT_Free(pw);
|
||||
}
|
||||
/* Fall Through */
|
||||
case PW_PLAINTEXT:
|
||||
return PL_strdup(pwdata->data);
|
||||
|
Loading…
Reference in New Issue
Block a user