/pidgin/main: 7b2708ac0e9c: Fix a leak in Jabber auth.
Elliott Sales de Andrade
qulogic at pidgin.im
Sun Jan 27 05:57:49 EST 2013
Changeset: 7b2708ac0e9c610c377e6676e30504c8b7534e60
Author: Elliott Sales de Andrade <qulogic at pidgin.im>
Date: 2013-01-26 03:27 -0500
Branch: default
URL: http://hg.pidgin.im/pidgin/main/rev/7b2708ac0e9c
Description:
Fix a leak in Jabber auth.
Refs #15427.
diffstat:
libpurple/protocols/jabber/auth_scram.c | 10 +++++-----
1 files changed, 5 insertions(+), 5 deletions(-)
diffs (27 lines):
diff --git a/libpurple/protocols/jabber/auth_scram.c b/libpurple/protocols/jabber/auth_scram.c
--- a/libpurple/protocols/jabber/auth_scram.c
+++ b/libpurple/protocols/jabber/auth_scram.c
@@ -168,11 +168,6 @@ jabber_scram_calc_proofs(JabberScramData
guchar *salted_password;
guchar *client_key, *stored_key, *client_signature, *server_key;
- client_key = g_new0(guchar, hash_len);
- stored_key = g_new0(guchar, hash_len);
- client_signature = g_new0(guchar, hash_len);
- server_key = g_new0(guchar, hash_len);
-
data->client_proof = g_string_sized_new(hash_len);
data->client_proof->len = hash_len;
data->server_signature = g_string_sized_new(hash_len);
@@ -186,6 +181,11 @@ jabber_scram_calc_proofs(JabberScramData
if (!salted_password)
return FALSE;
+ client_key = g_new0(guchar, hash_len);
+ stored_key = g_new0(guchar, hash_len);
+ client_signature = g_new0(guchar, hash_len);
+ server_key = g_new0(guchar, hash_len);
+
/* client_key = HMAC(salted_password, "Client Key") */
hmac(data->hash, client_key, salted_password, "Client Key");
/* server_key = HMAC(salted_password, "Server Key") */
More information about the Commits
mailing list