diff options
author | Christoph Gysin <christoph.gysin@gmail.com> | 2016-01-23 22:43:51 +0200 |
---|---|---|
committer | Christoph Gysin <christoph.gysin@gmail.com> | 2016-01-25 20:15:00 +0200 |
commit | 071e09721449e1bfc9331077368c53391dd9b932 (patch) | |
tree | aacdaa4239c24a8bd4c0bb313b43dfd157007e45 /swaylock/main.c | |
parent | swaylock: fix pam conversation (diff) | |
download | sway-071e09721449e1bfc9331077368c53391dd9b932.tar.gz sway-071e09721449e1bfc9331077368c53391dd9b932.tar.zst sway-071e09721449e1bfc9331077368c53391dd9b932.zip |
swaylock: don't memset memory that has been freed
swaylock is randomly crashing because we write to password that has already been
freed in pam_authenticate().
Diffstat (limited to 'swaylock/main.c')
-rw-r--r-- | swaylock/main.c | 9 |
1 files changed, 4 insertions, 5 deletions
diff --git a/swaylock/main.c b/swaylock/main.c index e6095d35..9530b6dc 100644 --- a/swaylock/main.c +++ b/swaylock/main.c | |||
@@ -75,7 +75,7 @@ int function_conversation(int num_msg, const struct pam_message **msg, | |||
75 | /** | 75 | /** |
76 | * password will be zeroed out. | 76 | * password will be zeroed out. |
77 | */ | 77 | */ |
78 | bool verify_password(char *password) { | 78 | bool verify_password() { |
79 | struct passwd *passwd = getpwuid(getuid()); | 79 | struct passwd *passwd = getpwuid(getuid()); |
80 | char *username = passwd->pw_name; | 80 | char *username = passwd->pw_name; |
81 | 81 | ||
@@ -86,14 +86,11 @@ bool verify_password(char *password) { | |||
86 | sway_abort("PAM returned %d\n", pam_err); | 86 | sway_abort("PAM returned %d\n", pam_err); |
87 | } | 87 | } |
88 | if ((pam_err = pam_authenticate(local_auth_handle, 0)) != PAM_SUCCESS) { | 88 | if ((pam_err = pam_authenticate(local_auth_handle, 0)) != PAM_SUCCESS) { |
89 | memset(password, 0, strlen(password)); | ||
90 | return false; | 89 | return false; |
91 | } | 90 | } |
92 | if ((pam_err = pam_end(local_auth_handle, pam_err)) != PAM_SUCCESS) { | 91 | if ((pam_err = pam_end(local_auth_handle, pam_err)) != PAM_SUCCESS) { |
93 | memset(password, 0, strlen(password)); | ||
94 | return false; | 92 | return false; |
95 | } | 93 | } |
96 | memset(password, 0, strlen(password)); | ||
97 | return true; | 94 | return true; |
98 | } | 95 | } |
99 | 96 | ||
@@ -101,9 +98,11 @@ void notify_key(enum wl_keyboard_key_state state, xkb_keysym_t sym, uint32_t cod | |||
101 | if (state == WL_KEYBOARD_KEY_STATE_PRESSED) { | 98 | if (state == WL_KEYBOARD_KEY_STATE_PRESSED) { |
102 | switch (sym) { | 99 | switch (sym) { |
103 | case XKB_KEY_Return: | 100 | case XKB_KEY_Return: |
104 | if (verify_password(password)) { | 101 | if (verify_password()) { |
105 | exit(0); | 102 | exit(0); |
106 | } | 103 | } |
104 | password = malloc(1024); // TODO: Let this grow | ||
105 | password[0] = '\0'; | ||
107 | break; | 106 | break; |
108 | default: | 107 | default: |
109 | { | 108 | { |