x11/slock: clear passwords with explicit_bzero

Sat, 30 Jul 2016 09:09:06 -0700 

Currently, slock only clears the entered passwd buffer as part of
auth_userokay(3). If the user aborts the password entry with ESC or
clears the entered password with multiple backspaces, a cleartext
copy of the entered password is kept in memory. Use explicit_bzero()
to avoid this.

While there, add __dead and printf attributes to the die() function.


I've been running with this patch for quite a while (> 3 months) with no
issues on amd64 and macppc.

The port runs just fine, but when I compile it, I get the following
warning which I don't know how to fix properly:

CFLAGS   = -O2 -pipe -std=c99 -pedantic -Wall -I/usr/X11R6/include  
-DVERSION="1.3" -DHAVE_BSD_AUTH
LDFLAGS  =   -L/usr/X11R6/lib -lX11 -lXext -lXrandr
CC       = cc
creating config.h from config.def.h
cc -c -O2 -pipe -std=c99 -pedantic -Wall -I/usr/X11R6/include  
-DVERSION=\"1.3\" -DHAVE_BSD_AUTH slock.c
In file included from /usr/X11R6/include/X11/Xlib.h:47,
                 from /usr/X11R6/include/X11/extensions/Xrender.h:28,
                 from /usr/X11R6/include/X11/extensions/Xrandr.h:33,
                 from slock.c:16:
/usr/X11R6/include/X11/Xfuncproto.h:159:24: warning: ISO C does not permit 
named variadic macros
slock.c: In function 'readpw':
slock.c:175: warning: implicit declaration of function 'explicit_bzero'

Could someone help me with fixing that, please?


Index: Makefile
===================================================================
RCS file: /cvs/ports/x11/slock/Makefile,v
retrieving revision 1.14
diff -u -p -r1.14 Makefile
--- Makefile    6 Jul 2016 21:34:15 -0000       1.14
+++ Makefile    30 Jul 2016 15:55:05 -0000
@@ -3,7 +3,7 @@
 COMMENT=               simple X screen locker
 
 DISTNAME=              slock-1.3
-REVISION=              0
+REVISION=              1
 
 CATEGORIES=            x11
 
Index: patches/patch-slock_c
===================================================================
RCS file: patches/patch-slock_c
diff -N patches/patch-slock_c
--- /dev/null   1 Jan 1970 00:00:00 -0000
+++ patches/patch-slock_c       30 Jul 2016 15:55:05 -0000
@@ -0,0 +1,33 @@
+$OpenBSD$
+--- slock.c.orig       Fri Feb 12 20:29:02 2016
++++ slock.c    Sat Jul 30 17:54:15 2016
+@@ -47,7 +47,7 @@ static Bool rr;
+ static int rrevbase;
+ static int rrerrbase;
+ 
+-static void
++static void __attribute__((__noreturn__, __format__(printf, 1, 2)))
+ die(const char *errstr, ...)
+ {
+       va_list ap;
+@@ -172,10 +172,12 @@ readpw(Display *dpy, const char *pws)
+                               break;
+                       case XK_Escape:
+                               len = 0;
++                              explicit_bzero(passwd, sizeof(passwd));
+                               break;
+                       case XK_BackSpace:
+                               if (len)
+                                       --len;
++                              explicit_bzero(passwd + len, 1);
+                               break;
+                       default:
+                               if (num && !iscntrl((int)buf[0]) && (len + num 
< sizeof(passwd))) {
+@@ -185,6 +187,7 @@ readpw(Display *dpy, const char *pws)
+                               break;
+                       }
+                       color = len ? INPUT : (failure || failonclear ? FAILED 
: INIT);
++                      explicit_bzero(buf, sizeof(buf));
+                       if (running && oldc != color) {
+                               for (screen = 0; screen < nscreens; screen++) {
+                                       XSetWindowBackground(dpy, 
locks[screen]->win, locks[screen]->colors[color]);

Reply via email to