From 859e3a9728dd45a92d8c6d36f98b082876cb44d6 Mon Sep 17 00:00:00 2001
From: eschcam <cameron.scholes@est.tech>
Date: Fri, 2 Dec 2022 15:26:40 +0000
Subject: [PATCH] Add secure method for reading in password

Signed-off-by: eschcam <cameron.scholes@est.tech>
---
 cmd/helm/registry_login.go | 15 +++++++++++----
 1 file changed, 11 insertions(+), 4 deletions(-)

diff --git a/cmd/helm/registry_login.go b/cmd/helm/registry_login.go
index 6b1fed589..0be41049a 100644
--- a/cmd/helm/registry_login.go
+++ b/cmd/helm/registry_login.go
@@ -21,15 +21,17 @@ import (
 	"errors"
 	"fmt"
 	"io"
-	"io/ioutil"
 	"os"
 	"strings"
+	"syscall"
 
 	"github.com/moby/term"
 	"github.com/spf13/cobra"
 
 	"helm.sh/helm/v3/cmd/helm/require"
 	"helm.sh/helm/v3/pkg/action"
+
+	xTerm "golang.org/x/term"
 )
 
 const registryLoginDesc = `
@@ -74,12 +76,17 @@ func getUsernamePassword(usernameOpt string, passwordOpt string, passwordFromStd
 	password := passwordOpt
 
 	if passwordFromStdinOpt {
-		passwordFromStdin, err := ioutil.ReadAll(os.Stdin)
+		fmt.Printf("Enter registry password: ")
+
+		passwordFromStdin, err := xTerm.ReadPassword(int(syscall.Stdin))
+		fmt.Println()
+
 		if err != nil {
 			return "", "", err
 		}
-		password = strings.TrimSuffix(string(passwordFromStdin), "\n")
-		password = strings.TrimSuffix(password, "\r")
+
+		password = string(passwordFromStdin)
+		password = strings.TrimSpace(password)
 	} else if password == "" {
 		if username == "" {
 			username, err = readLine("Username: ", false)