fix CVE-2016-6866
This commit is contained in:
parent
b87bfa2343
commit
d8bec0f6fd
10
slock.c
10
slock.c
|
@ -123,7 +123,7 @@ readpw(Display *dpy)
|
||||||
readpw(Display *dpy, const char *pws)
|
readpw(Display *dpy, const char *pws)
|
||||||
#endif
|
#endif
|
||||||
{
|
{
|
||||||
char buf[32], passwd[256];
|
char buf[32], passwd[256], *encrypted;
|
||||||
int num, screen;
|
int num, screen;
|
||||||
unsigned int len, color;
|
unsigned int len, color;
|
||||||
KeySym ksym;
|
KeySym ksym;
|
||||||
|
@ -159,7 +159,11 @@ readpw(Display *dpy, const char *pws)
|
||||||
#ifdef HAVE_BSD_AUTH
|
#ifdef HAVE_BSD_AUTH
|
||||||
running = !auth_userokay(getlogin(), NULL, "auth-slock", passwd);
|
running = !auth_userokay(getlogin(), NULL, "auth-slock", passwd);
|
||||||
#else
|
#else
|
||||||
running = !!strcmp(crypt(passwd, pws), pws);
|
errno = 0;
|
||||||
|
if (!(encrypted = crypt(passwd, pws)))
|
||||||
|
fprintf(stderr, "slock: crypt: %s\n", strerror(errno));
|
||||||
|
else
|
||||||
|
running = !!strcmp(encrypted, pws);
|
||||||
#endif
|
#endif
|
||||||
if (running) {
|
if (running) {
|
||||||
XBell(dpy, 100);
|
XBell(dpy, 100);
|
||||||
|
@ -312,6 +316,8 @@ main(int argc, char **argv) {
|
||||||
|
|
||||||
#ifndef HAVE_BSD_AUTH
|
#ifndef HAVE_BSD_AUTH
|
||||||
pws = getpw();
|
pws = getpw();
|
||||||
|
if (strlen(pws) < 2)
|
||||||
|
die("slock: failed to get user password hash.\n");
|
||||||
#endif
|
#endif
|
||||||
|
|
||||||
if (!(dpy = XOpenDisplay(NULL)))
|
if (!(dpy = XOpenDisplay(NULL)))
|
||||||
|
|
Loading…
Reference in New Issue