From 071e09721449e1bfc9331077368c53391dd9b932 Mon Sep 17 00:00:00 2001
From: Christoph Gysin
Date: Sat, 23 Jan 2016 22:43:51 +0200
Subject: swaylock: don't memset memory that has been freed

swaylock is randomly crashing because we write to password that has already been freed in pam_authenticate().
---
 swaylock/main.c | 9 ++++-----
 1 file changed, 4 insertions(+), 5 deletions(-)
diff --git a/swaylock/main.c b/swaylock/main.c
index e6095d35..9530b6dc 100644
--- a/swaylock/main.c
+++ b/swaylock/main.c
@@ -75,7 +75,7 @@ int function_conversation(int num_msg, const struct pam_message **msg,
 /**
 * password will be zeroed out.
 */
-bool verify_password(char *password) {
+bool verify_password() {
 struct passwd *passwd = getpwuid(getuid());
 char *username = passwd->pw_name;
 
@@ -86,14 +86,11 @@ bool verify_password(char *password) {
 sway_abort("PAM returned %d\n", pam_err);
 }
 if ((pam_err = pam_authenticate(local_auth_handle, 0)) != PAM_SUCCESS) {
- memset(password, 0, strlen(password));
 return false;
 }
 if ((pam_err = pam_end(local_auth_handle, pam_err)) != PAM_SUCCESS) {
- memset(password, 0, strlen(password));
 return false;
 }
- memset(password, 0, strlen(password));
 return true;
 }
 
@@ -101,9 +98,11 @@ void notify_key(enum wl_keyboard_key_state state, xkb_keysym_t sym, uint32_t cod
 if (state == WL_KEYBOARD_KEY_STATE_PRESSED) {
 switch (sym) {
 case XKB_KEY_Return:
- if (verify_password(password)) {
+ if (verify_password()) {
 exit(0);
 }
+ password = malloc(1024); // TODO: Let this grow
+ password[0] = '\0';
 break;
 default:
 {
-- 
cgit v1.2.3-54-g00ecf
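Review bot: The doc comment directly above `verify_password()` still reads "password will be zeroed out.", but with the parameter and every memset removed by this commit, nothing in the function touches the buffer any more. Replace it with a statement of the new ownership, for example `/* Hands the global password buffer to PAM, which frees it; the caller must allocate a new one afterwards. */` (ownership inferred from the commit message, since function_conversation is outside the hunk). Because this code no longer clears the buffer, it is worth confirming that whatever frees it also wipes it, otherwise the typed password stays in freed heap memory. Declaring it as `bool verify_password(void)` would also make this a real prototype, so a stale call that still passes an argument is rejected at compile time. The function body continues outside the hunk.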
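Review bot: The result of `malloc(1024)` in the `case XKB_KEY_Return:` branch is written through on the very next line without a NULL check, so an allocation failure becomes a NULL dereference in the screen locker right after a failed attempt. Test the pointer before `password[0] = '\0';`, e.g. `if (!password) { sway_abort("Out of memory\n"); }`, or choose another failure path deliberately, since a locker that dies may leave the session exposed. The reallocation also assumes PAM consumed and freed the previous buffer on every failure; if pam_authenticate() can return before the conversation callback runs (not visible here), the old buffer leaks with the typed password still in it. The literal 1024 should be a named constant shared with the keystroke-append code in the `default:` branch, which lies outside the hunk, so the bound is enforced in one place.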