mirrors/sway
1
0
Fork 0
mirror of https://github.com/swaywm/sway.git synced 2024-11-10 20:44:01 +01:00
Code Issues Packages Projects Releases Wiki Activity

swaylock: don't memset memory that has been freed

Browse Source 
swaylock is randomly crashing because we write to password that has already been
freed in pam_authenticate().
This commit is contained in:
Christoph Gysin 2016-01-23 22:43:51 +02:00
parent dab651a240
commit 071e097214
1 changed files with 4 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
swaylock/main.c
View File

@ -75,7 +75,7 @@ int function_conversation(int num_msg, const struct pam_message **msg,
/**
* password will be zeroed out.
*/
bool verify_password(char *password) {
bool verify_password() {
struct passwd *passwd = getpwuid(getuid());
char *username = passwd->pw_name;
@ -86,14 +86,11 @@ bool verify_password(char *password) {
sway_abort("PAM returned %d\n", pam_err);
}
if ((pam_err = pam_authenticate(local_auth_handle, 0)) != PAM_SUCCESS) {
memset(password, 0, strlen(password));
return false;
}
if ((pam_err = pam_end(local_auth_handle, pam_err)) != PAM_SUCCESS) {
memset(password, 0, strlen(password));
return false;
}
memset(password, 0, strlen(password));
return true;
}
@ -101,9 +98,11 @@ void notify_key(enum wl_keyboard_key_state state, xkb_keysym_t sym, uint32_t cod
if (state == WL_KEYBOARD_KEY_STATE_PRESSED) {
switch (sym) {
case XKB_KEY_Return:
if (verify_password(password)) {
if (verify_password()) {
exit(0);
}
password = malloc(1024); // TODO: Let this grow
password[0] = '\0';
break;
default:
{