GNU bug report logs - #36834
27.0.50; [PATCH] password-cache.el: confuses key absence with nil password

Previous Next

Full log

View this message in rfc822 format

From: Eli Zaretskii <eliz <at> gnu.org>
To: Óscar Fuentes <ofv <at> wanadoo.es>
Cc: contovob <at> tcd.ie, monnier <at> iro.umontreal.ca, 36834 <at> debbugs.gnu.org
Subject: bug#36834: 27.0.50; [PATCH] password-cache.el: confuses key absence with nil password
Date: Sat, 10 Aug 2019 11:19:01 +0300

Ping!  Any followups?  Stefan?  Should we just push this?

> From: Óscar Fuentes <ofv <at> wanadoo.es>
> Date: Mon, 29 Jul 2019 16:12:45 +0200
> Cc: Stefan Monnier <monnier <at> iro.umontreal.ca>, 36834 <at> debbugs.gnu.org
> 
> "Basil L. Contovounesios" <contovob <at> tcd.ie> writes:
> 
> >> The change uses gethash instead of intern-soft, but those functions act
> >> differently when the password (the value associated with the key) was
> >> nil.
> >
> > Is it valid for the password to be nil?  The logic in password-read
> > suggests otherwise.
> 
> Callers are sending nil. If it is not valid, there is a problem
> elsewhere, but my understanding is that a nil password means "no
> password" and it is cached in the memoization sense.
> 
> >> The effect is that every call to password-cache-add with nil as
> >> password creates a new timer,
> >
> > Where is password-cache-add being passed a nil password?
> 
> The caller is auth-source-remember, IIRC, which itself is called from
> auth-source-search.

Can you show a reproducer?

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.