diff options
| author | Geoff Greer <geoff@greer.fm> | 2018-04-12 17:38:24 -0700 |
|---|---|---|
| committer | Geoff Greer <geoff@greer.fm> | 2018-04-12 17:49:21 -0700 |
| commit | ad6aa21c43bb87c917e21416f3ba448b634a98f8 (patch) | |
| tree | 2e2eea866e21d7f3484ef8efde82b5a6a6a2bfb0 /include/swaylock | |
| parent | 200d0360ea3fb2c68a6b92ff3cf0249d54457b88 (diff) | |
swaylock: Securely zero-out password.
- Replace char* with static array. Any chars > 1024 will be discarded.
- mlock() password buffer so it can't be written to swap.
- Clear password buffer after auth succeeds or fails.
This is basically the same treatment I gave the 0.15 branch in https://github.com/swaywm/sway/pull/1519
Diffstat (limited to 'include/swaylock')
| -rw-r--r-- | include/swaylock/swaylock.h | 3 |
1 files changed, 1 insertions, 2 deletions
diff --git a/include/swaylock/swaylock.h b/include/swaylock/swaylock.h index 173e8b12..ed9fea19 100644 --- a/include/swaylock/swaylock.h +++ b/include/swaylock/swaylock.h @@ -24,9 +24,8 @@ struct swaylock_args { }; struct swaylock_password { - size_t size; size_t len; - char *buffer; + char buffer[1024]; }; struct swaylock_state { |