'svn commit: r32328 - trunk/subversion/libsvn_subr'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       subversion-cvs
Subject:    svn commit: r32328 - trunk/subversion/libsvn_subr
From:       hwright () tigris ! org
Date:       2008-07-29 20:33:47
Message-ID: 200807292033.m6TKXlqT010663 () svn2 ! sjc ! collab ! net
[Download RAW message or body]

Author: hwright
Date: Tue Jul 29 13:33:47 2008
New Revision: 32328

Log:
Avoid passing a NULL value to strcmp().  Although most modern implementations
of strcmp() include a NULL check, the C89 standard, which we claim to support,
does not allow this.  A cursory web search reveals some implementations which
do crash on NULL input, so this is a valid issue.

Found by: Coverity <http://scan.coverity.com/>
(CID: 85)

* subversion/libsvn_subr/simple_providers.c
  (svn_auth__simple_save_creds_helper): Check a value for NULL before using
    it for comparison.

Modified:
   trunk/subversion/libsvn_subr/simple_providers.c

Modified: trunk/subversion/libsvn_subr/simple_providers.c
URL: http://svn.collab.net/viewvc/svn/trunk/subversion/libsvn_subr/simple_providers.c?pathrev=32328&r1=32327&r2=32328
 ==============================================================================
--- trunk/subversion/libsvn_subr/simple_providers.c	Tue Jul 29 13:09:05 2008	(r32327)
+++ trunk/subversion/libsvn_subr/simple_providers.c	Tue Jul 29 13:33:47 2008	(r32328)
@@ -260,10 +260,11 @@ svn_auth__simple_save_creds_helper(svn_b
       /* If the password is going to be stored encrypted, go right
        * ahead and store it to disk. Else determine whether saving
        * in plaintext is OK. */
-      if (strcmp(passtype, SVN_AUTH__WINCRYPT_PASSWORD_TYPE) == 0
-          || strcmp(passtype, SVN_AUTH__KEYCHAIN_PASSWORD_TYPE) == 0
-          || strcmp(passtype, SVN_AUTH__KWALLET_PASSWORD_TYPE) == 0
-          || strcmp(passtype, SVN_AUTH__GNOME_KEYRING_PASSWORD_TYPE) == 0)
+      if (passtype &&
+           (strcmp(passtype, SVN_AUTH__WINCRYPT_PASSWORD_TYPE) == 0
+            || strcmp(passtype, SVN_AUTH__KEYCHAIN_PASSWORD_TYPE) == 0
+            || strcmp(passtype, SVN_AUTH__KWALLET_PASSWORD_TYPE) == 0
+            || strcmp(passtype, SVN_AUTH__GNOME_KEYRING_PASSWORD_TYPE) == 0) )
         {
           may_save_password = TRUE;
         }

---------------------------------------------------------------------
To unsubscribe, e-mail: svn-unsubscribe@subversion.tigris.org
For additional commands, e-mail: svn-help@subversion.tigris.org


[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic