[prev in list] [next in list] [prev in thread] [next in thread]
List: subversion-cvs
Subject: svn commit: r32328 - trunk/subversion/libsvn_subr
From: hwright () tigris ! org
Date: 2008-07-29 20:33:47
Message-ID: 200807292033.m6TKXlqT010663 () svn2 ! sjc ! collab ! net
[Download RAW message or body]
Author: hwright
Date: Tue Jul 29 13:33:47 2008
New Revision: 32328
Log:
Avoid passing a NULL value to strcmp(). Although most modern implementations
of strcmp() include a NULL check, the C89 standard, which we claim to support,
does not allow this. A cursory web search reveals some implementations which
do crash on NULL input, so this is a valid issue.
Found by: Coverity <http://scan.coverity.com/>
(CID: 85)
* subversion/libsvn_subr/simple_providers.c
(svn_auth__simple_save_creds_helper): Check a value for NULL before using
it for comparison.
Modified:
trunk/subversion/libsvn_subr/simple_providers.c
Modified: trunk/subversion/libsvn_subr/simple_providers.c
URL: http://svn.collab.net/viewvc/svn/trunk/subversion/libsvn_subr/simple_providers.c?pathrev=32328&r1=32327&r2=32328
==============================================================================
--- trunk/subversion/libsvn_subr/simple_providers.c Tue Jul 29 13:09:05 2008 (r32327)
+++ trunk/subversion/libsvn_subr/simple_providers.c Tue Jul 29 13:33:47 2008 (r32328)
@@ -260,10 +260,11 @@ svn_auth__simple_save_creds_helper(svn_b
/* If the password is going to be stored encrypted, go right
* ahead and store it to disk. Else determine whether saving
* in plaintext is OK. */
- if (strcmp(passtype, SVN_AUTH__WINCRYPT_PASSWORD_TYPE) == 0
- || strcmp(passtype, SVN_AUTH__KEYCHAIN_PASSWORD_TYPE) == 0
- || strcmp(passtype, SVN_AUTH__KWALLET_PASSWORD_TYPE) == 0
- || strcmp(passtype, SVN_AUTH__GNOME_KEYRING_PASSWORD_TYPE) == 0)
+ if (passtype &&
+ (strcmp(passtype, SVN_AUTH__WINCRYPT_PASSWORD_TYPE) == 0
+ || strcmp(passtype, SVN_AUTH__KEYCHAIN_PASSWORD_TYPE) == 0
+ || strcmp(passtype, SVN_AUTH__KWALLET_PASSWORD_TYPE) == 0
+ || strcmp(passtype, SVN_AUTH__GNOME_KEYRING_PASSWORD_TYPE) == 0) )
{
may_save_password = TRUE;
}
---------------------------------------------------------------------
To unsubscribe, e-mail: svn-unsubscribe@subversion.tigris.org
For additional commands, e-mail: svn-help@subversion.tigris.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic