diff options
| author | Christoph Gysin <christoph.gysin@gmail.com> | 2016-01-23 22:43:51 +0200 |
|---|---|---|
| committer | Christoph Gysin <christoph.gysin@gmail.com> | 2016-01-25 20:15:00 +0200 |
| commit | 071e09721449e1bfc9331077368c53391dd9b932 (patch) | |
| tree | aacdaa4239c24a8bd4c0bb313b43dfd157007e45 /swaylock | |
| parent | dab651a240ad59722c3c23fcea6e2f91909b2a1b (diff) | |
| download | sway-071e09721449e1bfc9331077368c53391dd9b932.tar.xz | |
swaylock: don't memset memory that has been freed
swaylock is randomly crashing because we write to password that has already been
freed in pam_authenticate().
Diffstat (limited to 'swaylock')
| -rw-r--r-- | swaylock/main.c | 9 |
1 files changed, 4 insertions, 5 deletions
diff --git a/swaylock/main.c b/swaylock/main.c index e6095d35..9530b6dc 100644 --- a/swaylock/main.c +++ b/swaylock/main.c @@ -75,7 +75,7 @@ int function_conversation(int num_msg, const struct pam_message **msg, /** * password will be zeroed out. */ -bool verify_password(char *password) { +bool verify_password() { struct passwd *passwd = getpwuid(getuid()); char *username = passwd->pw_name; @@ -86,14 +86,11 @@ bool verify_password(char *password) { sway_abort("PAM returned %d\n", pam_err); } if ((pam_err = pam_authenticate(local_auth_handle, 0)) != PAM_SUCCESS) { - memset(password, 0, strlen(password)); return false; } if ((pam_err = pam_end(local_auth_handle, pam_err)) != PAM_SUCCESS) { - memset(password, 0, strlen(password)); return false; } - memset(password, 0, strlen(password)); return true; } @@ -101,9 +98,11 @@ void notify_key(enum wl_keyboard_key_state state, xkb_keysym_t sym, uint32_t cod if (state == WL_KEYBOARD_KEY_STATE_PRESSED) { switch (sym) { case XKB_KEY_Return: - if (verify_password(password)) { + if (verify_password()) { exit(0); } + password = malloc(1024); // TODO: Let this grow + password[0] = '\0'; break; default: { |