| author | Markus Teich <markus.teich@stusta.mhn.de> | 2016-08-31 00:59:06 +0200 | 
|---|---|---|
| committer | Markus Teich <markus.teich@stusta.mhn.de> | 2016-08-31 00:59:06 +0200 | 
| commit | d8bec0f6fdc8a246d78cb488a0068954b46fcb29 (patch) | |
| tree | 235eb1c57c8fbf594a9a0637b737e72fb9c75c86 | |
| parent | b87bfa234378bcfc1b13273c5089f07902de1725 (diff) | |
| download | slock-d8bec0f6fdc8a246d78cb488a0068954b46fcb29.tar.gz slock-d8bec0f6fdc8a246d78cb488a0068954b46fcb29.tar.xz  | |
fix CVE-2016-6866
| -rw-r--r-- | slock.c | 10 | 
1 files changed, 8 insertions, 2 deletions
@@ -123,7 +123,7 @@ readpw(Display *dpy)
 readpw(Display *dpy, const char *pws)
 #endif
 {
-	char buf[32], passwd[256];
+	char buf[32], passwd[256], *encrypted;
 	int num, screen;
 	unsigned int len, color;
 	KeySym ksym;
@@ -159,7 +159,11 @@ readpw(Display *dpy, const char *pws)
 #ifdef HAVE_BSD_AUTH
 				running = !auth_userokay(getlogin(), NULL, "auth-slock", passwd);
 #else
-				running = !!strcmp(crypt(passwd, pws), pws);
+				errno = 0;
+				if (!(encrypted = crypt(passwd, pws)))
+					fprintf(stderr, "slock: crypt: %s\n", strerror(errno));
+				else
+					running = !!strcmp(encrypted, pws);
 #endif
 				if (running) {
 					XBell(dpy, 100);
@@ -312,6 +316,8 @@ main(int argc, char **argv) {
 #ifndef HAVE_BSD_AUTH
 	pws = getpw();
+	if (strlen(pws) < 2)
+		die("slock: failed to get user password hash.\n");
 #endif
 	if (!(dpy = XOpenDisplay(NULL)))
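Review bot: The hash-length guard added in the main() hunk, `if (strlen(pws) < 2)`, leaves its threshold unexplained, so a later reader cannot tell why two characters is the cut-off or that this is what keeps an empty or placeholder password field from reaching crypt(). A comment above it such as `/* an empty or one-character field is not a usable crypt(3) hash; refuse to lock rather than pass it to crypt() */` would record the rationale; whether pws can still be NULL here depends on getpw(), which is outside the hunk, and if it can, strlen() needs a NULL check first. In the readpw() hunk the crypt() failure branch deliberately leaves `running` at its previous value, which is the fail-closed outcome but is only implied, so `/* crypt() failed: report it and keep the screen locked */` on the fprintf line would make that intent explicit. Both readpw() and main() begin and end outside these hunks.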
