Heap_Inspection issue exists @ Code/SQLiteMembershipProvider.cs in branch master
Method GetPassword at line 773 of Code\SQLiteMembershipProvider.cs defines password, which is designated to contain user passwords. However, while plaintext passwords are later assigned to password, this variable is never cleared from memory.
private static void GetPasswordWithFormat (string username, out int status, out string password, out MembershipPasswordFormat passwordFormat, out string passwordSalt, out int failedPasswordAttemptCount, out int failedPasswordAnswerAttemptCount, out bool isApproved, out DateTime lastLoginDate, out DateTime lastActivityDate)
Heap_Inspection issue exists @ Code/SQLiteMembershipProvider.cs in branch master
Method GetPassword at line 773 of Code\SQLiteMembershipProvider.cs defines password, which is designated to contain user passwords. However, while plaintext passwords are later assigned to password, this variable is never cleared from memory.
Severity: Medium
CWE:244
Checkmarx
Lines: 450 1673 1609 1610 1050 1018 331 796 1758
Code (Line #450):
Code (Line #1673):
Code (Line #1609):
Code (Line #1610):
Code (Line #1050):
Code (Line #1018):
Code (Line #331):
Code (Line #796):
Code (Line #1758):