secret_item_get_schema_name may return uninitialized memory
@tmiasko
Submitted by Tomasz Miąsko Assigned to libsecret maintainer(s)
Link to original bug (#796222)
Description
secret_item_get_schema_name may return uninitialized memory
If secret item does not have xdg:schema attribute, then secret_item_get_schema_name will return uninitialized memory, because g_variant_lookup returns FALSE and does not modify schema_name in any way:
gchar * secret_item_get_schema_name (SecretItem *self) { gchar *schema_name; GVariant *variant;
g_return_val_if_fail (SECRET_IS_ITEM (self), NULL);
variant = g_dbus_proxy_get_cached_property (G_DBUS_PROXY (self), "Attributes");
g_return_val_if_fail (variant != NULL, NULL);
g_variant_lookup (variant, "xdg:schema", "s", &schema_name);
g_variant_unref (variant);
return schema_name;
}
If schema name is indeed optional this probably should be changed accordingly together with nullable return annotation. On the other hand if schema names are required this would indicated a bug in gnome-keyring-deamon instead.
The secret item without schema has been created by Fractal using https://github.com/hwchen/secret-service-rs.