mirror of
https://github.com/git-for-windows/git.git
synced 2026-07-12 05:14:46 -05:00
wincred: Avoid memory corruption
`wcsncpy_s()` wants to write the terminating null character so we need to allocate one more space for it in the target memory block. This should fix crashes when trying to read passwords. When this happened, the password/token wouldn't print out and Git would therefore ask for a new password every time. Signed-off-by: David Macek <david.macek.0@gmail.com>
This commit is contained in:
committed by
Johannes Schindelin
parent
5b7f56a2af
commit
d905624f2c
@@ -165,7 +165,7 @@ static void get_credential(void)
|
||||
write_item("username", creds[i]->UserName,
|
||||
creds[i]->UserName ? wcslen(creds[i]->UserName) : 0);
|
||||
if (creds[i]->CredentialBlobSize > 0) {
|
||||
secret = xmalloc(creds[i]->CredentialBlobSize);
|
||||
secret = xmalloc(creds[i]->CredentialBlobSize + sizeof(WCHAR));
|
||||
wcsncpy_s(secret, creds[i]->CredentialBlobSize, (LPCWSTR)creds[i]->CredentialBlob, creds[i]->CredentialBlobSize / sizeof(WCHAR));
|
||||
line = wcstok_s(secret, L"\r\n", &remaining_lines);
|
||||
write_item("password", line, line ? wcslen(line) : 0);
|
||||
|
||||
Reference in New Issue
Block a user