From 2b7dd9295829f479feb26b2462fb83a4c6ca30a6 Mon Sep 17 00:00:00 2001
From: Mattias Andrée
Date: Fri, 22 Nov 2013 11:03:34 +0100
Subject: do not use realloc by default, it is bad security
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Mattias Andrée
---
 src/passphrase.c | 23 +++++++++++++++++++++--
 1 file changed, 21 insertions(+), 2 deletions(-)
(limited to 'src')
diff --git a/src/passphrase.c b/src/passphrase.c
index 94922e4..ae7ad36 100644
--- a/src/passphrase.c
+++ b/src/passphrase.c
@@ -78,8 +78,27 @@ char* passphrase_read(void)
 #endif
 *(rc + len++) = c;
 if (len == size)
- if ((rc = realloc(rc, (size <<= 1L) * sizeof(char))) == NULL)
- return NULL;
+ {
+#ifndef PASSPHRASE_REALLOC
+ char* rc_2 = malloc((size <<= 1L) * sizeof(char));
+ int i;
+ if (rc_2)
+ {
+ for (i = 0; i < len; i++)
+ *(rc_2 + i) = *(rc + i);
+ }
+ for (i = 0; i < len; i++)
+ *(rc + i) = 0;
+ free(rc);
+ if (rc_2 == NULL)
+ return rc_2;
+ rc = rc_2;
+#else
+ rc = realloc(rc, (size <<= 1L) * sizeof(char));
+ if (rc == NULL)
+ return NULL;
+#endif
+ }
 }
 }

-- cgit v1.2.3-70-g09d2
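Review bot: The wipe loop `for (i = 0; i < len; i++) *(rc + i) = 0;` sits directly before `free(rc)`, so it is a dead store that an optimising compiler is allowed to remove, which would leave the old passphrase bytes in the freed block — the exposure this commit is meant to close. Write the zeros through a volatile-qualified pointer, e.g. `volatile char* wipe = rc;` followed by `for (i = 0; i < len; i++) *(wipe + i) = 0;`, or call `explicit_bzero(rc, len)` where the platform provides it. In the `PASSPHRASE_REALLOC` branch, `rc = realloc(rc, ...)` overwrites the only pointer to the old buffer on failure, so that buffer is leaked unwiped; a comment on the `#else` should state that the opt-in trades this away. `len` and `size` are declared outside the hunk, so whether `int i` matches their type and whether `size <<= 1L` can overflow cannot be confirmed from here.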