authorJeffrey Bencteux <jbe@improsec.com>2022-03-19 13:41:15 -0400
committerPavel Shilovsky <piastryyy@gmail.com>2022-04-26 17:07:40 -0700
commit8acc963a2e7e9d63fe1f2e7f73f5a03f83d9c379 (patch)
treed94398bc361f520bb78d637377cef5d6d70323c1
parent007c07fd91b6d42f8bd45187cf78ebb06801139d (diff)
downloadcifs-utils-8acc963a2e7e9d63fe1f2e7f73f5a03f83d9c379.tar.gz
cifs-utils-8acc963a2e7e9d63fe1f2e7f73f5a03f83d9c379.tar.bz2
cifs-utils-8acc963a2e7e9d63fe1f2e7f73f5a03f83d9c379.zip
mount.cifs: fix verbose messages on option parsing
When verbose logging is enabled, invalid credentials file lines may be dumped to stderr. This may lead to information disclosure in particular conditions when the credentials file given is sensitive and contains '=' signs. Bug: https://bugzilla.samba.org/show_bug.cgi?id=15026 Signed-off-by: Jeffrey Bencteux <jbe@improsec.com> Reviewed-by: David Disseldorp <ddiss@suse.de>
-rw-r--r--mount.cifs.c6
1 files changed, 1 insertions, 5 deletions
diff --git a/mount.cifs.c b/mount.cifs.c
index 3a6b449..2278995 100644
--- a/mount.cifs.c
+++ b/mount.cifs.c
@@ -628,17 +628,13 @@ static int open_cred_file(char *file_name,
goto return_i;
break;
case CRED_DOM:
- if (parsed_info->verboseflag)
- fprintf(stderr, "domain=%s\n",
- temp_val);
strlcpy(parsed_info->domain, temp_val,
sizeof(parsed_info->domain));
break;
case CRED_UNPARSEABLE:
if (parsed_info->verboseflag)
fprintf(stderr, "Credential formatted "
- "incorrectly: %s\n",
- temp_val ? temp_val : "(null)");
+ "incorrectly\n");
break;
}
}
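Review bot: The `CRED_UNPARSEABLE` branch now prints a message with nothing that identifies the offending line, so a user with a malformed credentials file has to locate it by hand. A line number would restore that without echoing file content, e.g. `fprintf(stderr, "Credential formatted incorrectly (line %d)\n", lineno);`, where `lineno` is a placeholder for a counter the enclosing read loop would need to keep; that loop is not visible in this hunk. Separately, in `CRED_DOM` the return value of `strlcpy()` is ignored, so a domain longer than `parsed_info->domain` is silently truncated; comparing the result against `sizeof(parsed_info->domain)` and failing would surface that. `open_cred_file` starts and ends outside the hunk, so any other verbose prints of credential values in it could not be checked here.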