authorHiltjo Posthuma <hiltjo@codemadness.org>2016-07-31 13:43:00 +0200
committerHiltjo Posthuma <hiltjo@codemadness.org>2016-08-13 09:58:00 +0200
commita7afade1701a809f6a33b53525d59dd29b38d381 (patch)
tree45bb7250f76f0ed0261354ae313c4f0c3a561eb6 /slock.c
parentRevert "No need for usage()" (diff)
clear passwords with explicit_bzero
Make sure to explicitly clear memory that is used for password input. memset is often optimized out by the compiler. Brought to attention by the OpenBSD community, see: https://marc.info/?t=146989502600003&r=1&w=2 Thread subject: x11/slock: clear passwords with explicit_bzero Changes: - explicit_bzero.c import from libressl-portable. - Makefile: add COMPATSRC for compatibility src. - config.mk: add separate *BSD section in config.mk to simply uncomment it on these platforms.
Diffstat (limited to 'slock.c')
-rw-r--r--slock.c8
1 files changed, 6 insertions, 2 deletions
diff --git a/slock.c b/slock.c
index c9cdee2..a00fbb9 100644
--- a/slock.c
+++ b/slock.c
@@ -23,6 +23,8 @@
#include <bsd_auth.h>
#endif
+#include "util.h"
+
enum {
INIT,
INPUT,
@@ -135,7 +137,7 @@ readpw(Display *dpy, const char *pws)
* timeout. */
while (running && !XNextEvent(dpy, &ev)) {
if (ev.type == KeyPress) {
- buf[0] = 0;
+ explicit_bzero(&buf, sizeof(buf));
num = XLookupString(&ev.xkey, buf, sizeof(buf), &ksym, 0);
if (IsKeypadKey(ksym)) {
if (ksym == XK_KP_Enter)
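Review bot: buf is wiped only when the next KeyPress arrives, so the bytes of the most recent key stay in it while the loop blocks in XNextEvent and, as far as this hunk shows, after the loop ends. Since the aim is to leave no password material behind, consider also clearing it once the key has been consumed, e.g. `explicit_bzero(&buf, sizeof(buf));` after the switch that handles ksym and again before readpw returns. The rest of the loop body is outside this hunk, so confirm no later read of buf depends on its contents.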
@@ -161,14 +163,16 @@ readpw(Display *dpy, const char *pws)
XBell(dpy, 100);
failure = True;
}
+ explicit_bzero(&passwd, sizeof(passwd));
len = 0;
break;
case XK_Escape:
+ explicit_bzero(&passwd, sizeof(passwd));
len = 0;
break;
case XK_BackSpace:
if (len)
- --len;
+ passwd[len--] = 0;
break;
default:
if (num && !iscntrl((int)buf[0]) && (len + num < sizeof(passwd))) {
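Review bot: The XK_BackSpace branch clears the wrong byte: `passwd[len--] = 0;` writes to index len, one past the last typed character, and only then decrements, so the erased character stays in passwd until it is overwritten or the whole buffer is wiped. Pre-decrementing does what the commit intends: `passwd[--len] = 0;`. The write stays in bounds because the default branch keeps len below sizeof(passwd), so this is leftover secret data in memory rather than an overflow. readpw starts and continues outside this hunk.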