fix CVE-2016-6866

author: Markus Teich <markus.teich@stusta.mhn.de> 2016-08-31 00:59:06 +0200
committer: Markus Teich <markus.teich@stusta.mhn.de> 2016-08-31 00:59:06 +0200
commit: d8bec0f6fdc8a246d78cb488a0068954b46fcb29 (patch)
tree: 235eb1c57c8fbf594a9a0637b737e72fb9c75c86 /slock.c
parent: b87bfa234378bcfc1b13273c5089f07902de1725 (diff)
1 files changed, 8 insertions, 2 deletions
diff --git a/slock.c b/slock.c
index 847b328..8ed59ca 100644
--- a/slock.c
+++ b/slock.c
@@ -123,7 +123,7 @@ readpw(Display *dpy)
 readpw(Display *dpy, const char *pws)
 #endif
 {
-	char buf[32], passwd[256];
+	char buf[32], passwd[256], *encrypted;
 	int num, screen;
 	unsigned int len, color;
 	KeySym ksym;
@@ -159,7 +159,11 @@ readpw(Display *dpy, const char *pws)
 #ifdef HAVE_BSD_AUTH
 				running = !auth_userokay(getlogin(), NULL, "auth-slock", passwd);
 #else
-				running = !!strcmp(crypt(passwd, pws), pws);
+				errno = 0;
+				if (!(encrypted = crypt(passwd, pws)))
+					fprintf(stderr, "slock: crypt: %s\n", strerror(errno));
+				else
+					running = !!strcmp(encrypted, pws);
 #endif
 				if (running) {
 					XBell(dpy, 100);
@@ -312,6 +316,8 @@ main(int argc, char **argv) {
 
 #ifndef HAVE_BSD_AUTH
 	pws = getpw();
+	if (strlen(pws) < 2)
+		die("slock: failed to get user password hash.\n");
 #endif
 
 	if (!(dpy = XOpenDisplay(NULL)))
author	Markus Teich <markus.teich@stusta.mhn.de>	2016-08-31 00:59:06 +0200
committer	Markus Teich <markus.teich@stusta.mhn.de>	2016-08-31 00:59:06 +0200
commit	d8bec0f6fdc8a246d78cb488a0068954b46fcb29 (patch)
tree	235eb1c57c8fbf594a9a0637b737e72fb9c75c86 /slock.c
parent	b87bfa234378bcfc1b13273c5089f07902de1725 (diff)