mount.cifs: fix verbose messages on option parsing

When verbose logging is enabled, invalid credentials file lines may be dumped to stderr. This may lead to information disclosure in particular conditions when the credentials file given is sensitive and contains '=' signs. Bug: https://bugzilla.samba.org/show_bug.cgi?id=15026 Signed-off-by: Jeffrey Bencteux <jbe@improsec.com> Reviewed-by: David Disseldorp <ddiss@suse.de>
piastry · Apr 27, 2022 · 8acc963 · 8acc963 · carnil · Apr 28, 2022
1 parent 007c07f
commit 8acc963
Showing 1 changed file with 1 addition and 5 deletions.
diff --git a/mount.cifs.c b/mount.cifs.c
@@ -628,17 +628,13 @@ static int open_cred_file(char *file_name,
 				goto return_i;
 			break;
 		case CRED_DOM:
-			if (parsed_info->verboseflag)
-				fprintf(stderr, "domain=%s\n",
-					temp_val);
 			strlcpy(parsed_info->domain, temp_val,
 				sizeof(parsed_info->domain));
 			break;
 		case CRED_UNPARSEABLE:
 			if (parsed_info->verboseflag)
 				fprintf(stderr, "Credential formatted "
-					"incorrectly: %s\n",
-					temp_val ? temp_val : "(null)");
+					"incorrectly\n");
 			break;
 		}
 	}