increase security in case of broken secret stores

Sat, 26 Oct 2019 12:40:35 +0200

author
Olaf Wintermann <olaf.wintermann@gmail.com>
date
Sat, 26 Oct 2019 12:40:35 +0200
changeset 674
92bf06a65d08
parent 673
8e7e56cfc103
child 675
a8117c4feaad

increase security in case of broken secret stores

dav/main.c file | annotate | diff | comparison | revisions
--- a/dav/main.c	Sat Oct 26 12:38:33 2019 +0200
+++ b/dav/main.c	Sat Oct 26 12:40:35 2019 +0200
@@ -556,9 +556,11 @@
     // we can set the user/password
     if(id && (secrets->isdecrypted || !decrypt_secrets(a, secrets))) {
         PwdEntry *cred = pwdstore_get(secrets, id);
-        *user = cred->user;
-        *password = cred->password;
-        ret = 1;
+        if(cred) {
+            *user = cred->user;
+            *password = cred->password;
+            ret = 1;
+        }
     }
     
     free(req_url_proto.ptr);

mercurial