From 071e09721449e1bfc9331077368c53391dd9b932 Mon Sep 17 00:00:00 2001 From: Christoph Gysin Date: Sat, 23 Jan 2016 22:43:51 +0200 Subject: [PATCH] swaylock: don't memset memory that has been freed swaylock is randomly crashing because we write to password that has already been freed in pam_authenticate(). --- swaylock/main.c | 9 ++++----- 1 file changed, 4 insertions(+), 5 deletions(-) diff --git a/swaylock/main.c b/swaylock/main.c index e6095d35..9530b6dc 100644 --- a/swaylock/main.c +++ b/swaylock/main.c @@ -75,7 +75,7 @@ int function_conversation(int num_msg, const struct pam_message **msg, /** * password will be zeroed out. */ -bool verify_password(char *password) { +bool verify_password() { struct passwd *passwd = getpwuid(getuid()); char *username = passwd->pw_name; @@ -86,14 +86,11 @@ bool verify_password(char *password) { sway_abort("PAM returned %d\n", pam_err); } if ((pam_err = pam_authenticate(local_auth_handle, 0)) != PAM_SUCCESS) { - memset(password, 0, strlen(password)); return false; } if ((pam_err = pam_end(local_auth_handle, pam_err)) != PAM_SUCCESS) { - memset(password, 0, strlen(password)); return false; } - memset(password, 0, strlen(password)); return true; } @@ -101,9 +98,11 @@ void notify_key(enum wl_keyboard_key_state state, xkb_keysym_t sym, uint32_t cod if (state == WL_KEYBOARD_KEY_STATE_PRESSED) { switch (sym) { case XKB_KEY_Return: - if (verify_password(password)) { + if (verify_password()) { exit(0); } + password = malloc(1024); // TODO: Let this grow + password[0] = '\0'; break; default: {