aboutsummaryrefslogtreecommitdiff
path: root/include
diff options
context:
space:
mode:
authorGeoff Greer <geoff@greer.fm>2018-04-12 17:38:24 -0700
committerGeoff Greer <geoff@greer.fm>2018-04-12 17:49:21 -0700
commitad6aa21c43bb87c917e21416f3ba448b634a98f8 (patch)
tree2e2eea866e21d7f3484ef8efde82b5a6a6a2bfb0 /include
parent200d0360ea3fb2c68a6b92ff3cf0249d54457b88 (diff)
swaylock: Securely zero-out password.
- Replace char* with static array. Any chars > 1024 will be discarded. - mlock() password buffer so it can't be written to swap. - Clear password buffer after auth succeeds or fails. This is basically the same treatment I gave the 0.15 branch in https://github.com/swaywm/sway/pull/1519
Diffstat (limited to 'include')
-rw-r--r--include/swaylock/swaylock.h3
1 files changed, 1 insertions, 2 deletions
diff --git a/include/swaylock/swaylock.h b/include/swaylock/swaylock.h
index 173e8b12..ed9fea19 100644
--- a/include/swaylock/swaylock.h
+++ b/include/swaylock/swaylock.h
@@ -24,9 +24,8 @@ struct swaylock_args {
};
struct swaylock_password {
- size_t size;
size_t len;
- char *buffer;
+ char buffer[1024];
};
struct swaylock_state {