diff options
| author |  Geoff Greer <geoff@greer.fm> | 2018-04-12 17:38:24 -0700 |
|---|---|---|
| committer | Geoff Greer <geoff@greer.fm> | 2018-04-12 17:49:21 -0700 |
| commit | ad6aa21c43bb87c917e21416f3ba448b634a98f8 (patch) | |
| tree | 2e2eea866e21d7f3484ef8efde82b5a6a6a2bfb0 /include | |
| parent | Merge branch 'master' of github.com:swaywm/sway (diff) | |
| download | sway-ad6aa21c43bb87c917e21416f3ba448b634a98f8.tar.gz sway-ad6aa21c43bb87c917e21416f3ba448b634a98f8.tar.zst sway-ad6aa21c43bb87c917e21416f3ba448b634a98f8.zip | |
swaylock: Securely zero-out password.
- Replace char* with static array. Any chars > 1024 will be discarded.
- mlock() password buffer so it can't be written to swap.
- Clear password buffer after auth succeeds or fails.
This is basically the same treatment I gave the 0.15 branch in https://github.com/swaywm/sway/pull/1519
Diffstat (limited to 'include')
| -rw-r--r-- | include/swaylock/swaylock.h | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/include/swaylock/swaylock.h b/include/swaylock/swaylock.h index 173e8b12..ed9fea19 100644 --- a/include/swaylock/swaylock.h +++ b/include/swaylock/swaylock.h | |||
| @@ -24,9 +24,8 @@ struct swaylock_args { | |||
| 24 | }; | 24 | }; |
| 25 | 25 | ||
| 26 | struct swaylock_password { | 26 | struct swaylock_password { |
| 27 | size_t size; | ||
| 28 | size_t len; | 27 | size_t len; |
| 29 | char *buffer; | 28 | char buffer[1024]; |
| 30 | }; | 29 | }; |
| 31 | 30 | ||
| 32 | struct swaylock_state { | 31 | struct swaylock_state { |