On Sat, Jul 30, 2016 at 06:07:57PM +0200, Theo Buehler wrote:
> Currently, slock only clears the entered passwd buffer as part of
> auth_userokay(3). If the user aborts the password entry with ESC or
> clears the entered password with multiple backspaces, a cleartext
> copy of the entered password is kept in memory. Use explicit_bzero()
> to avoid this.
>
> While there, add __dead and printf attributes to the die() function.
>
>
> I've been running with this patch for quite a while (> 3 months) with no
> issues on amd64 and macppc.
>
> The port runs just fine, but when I compile it, I get the following
> warning which I don't know how to fix properly:
>
> CFLAGS = -O2 -pipe -std=c99 -pedantic -Wall -I/usr/X11R6/include
> -DVERSION="1.3" -DHAVE_BSD_AUTH
> LDFLAGS = -L/usr/X11R6/lib -lX11 -lXext -lXrandr
> CC = cc
> creating config.h from config.def.h
> cc -c -O2 -pipe -std=c99 -pedantic -Wall -I/usr/X11R6/include
> -DVERSION=\"1.3\" -DHAVE_BSD_AUTH slock.c
> In file included from /usr/X11R6/include/X11/Xlib.h:47,
> from /usr/X11R6/include/X11/extensions/Xrender.h:28,
> from /usr/X11R6/include/X11/extensions/Xrandr.h:33,
> from slock.c:16:
> /usr/X11R6/include/X11/Xfuncproto.h:159:24: warning: ISO C does not permit
> named variadic macros
> slock.c: In function 'readpw':
> slock.c:175: warning: implicit declaration of function 'explicit_bzero'
>
> Could someone help me with fixing that, please?
>
>
> Index: Makefile
> ===================================================================
> RCS file: /cvs/ports/x11/slock/Makefile,v
> retrieving revision 1.14
> diff -u -p -r1.14 Makefile
> --- Makefile 6 Jul 2016 21:34:15 -0000 1.14
> +++ Makefile 30 Jul 2016 15:55:05 -0000
> @@ -3,7 +3,7 @@
> COMMENT= simple X screen locker
>
> DISTNAME= slock-1.3
> -REVISION= 0
> +REVISION= 1
>
> CATEGORIES= x11
>
> Index: patches/patch-slock_c
> ===================================================================
> RCS file: patches/patch-slock_c
> diff -N patches/patch-slock_c
> --- /dev/null 1 Jan 1970 00:00:00 -0000
> +++ patches/patch-slock_c 30 Jul 2016 15:55:05 -0000
> @@ -0,0 +1,33 @@
> +$OpenBSD$
> +--- slock.c.orig Fri Feb 12 20:29:02 2016
> ++++ slock.c Sat Jul 30 17:54:15 2016
> +@@ -47,7 +47,7 @@ static Bool rr;
> + static int rrevbase;
> + static int rrerrbase;
> +
> +-static void
> ++static void __attribute__((__noreturn__, __format__(printf, 1, 2)))
> + die(const char *errstr, ...)
> + {
> + va_list ap;
> +@@ -172,10 +172,12 @@ readpw(Display *dpy, const char *pws)
> + break;
> + case XK_Escape:
> + len = 0;
> ++ explicit_bzero(passwd, sizeof(passwd));
> + break;
> + case XK_BackSpace:
> + if (len)
> + --len;
> ++ explicit_bzero(passwd + len, 1);
> + break;
> + default:
> + if (num && !iscntrl((int)buf[0]) && (len + num
> < sizeof(passwd))) {
> +@@ -185,6 +187,7 @@ readpw(Display *dpy, const char *pws)
> + break;
> + }
> + color = len ? INPUT : (failure || failonclear ? FAILED
> : INIT);
> ++ explicit_bzero(buf, sizeof(buf));
> + if (running && oldc != color) {
> + for (screen = 0; screen < nscreens; screen++) {
> + XSetWindowBackground(dpy,
> locks[screen]->win, locks[screen]->colors[color]);
>
Hi,
A patch to change this has been applied to upstream slock (latest git),
see:
http://git.suckless.org/slock/commit/?id=a7afade1701a809f6a33b53525d59dd29b38d381
I have imported explicit_bzero.c from libressl-portable.
Let me know if you find any issues with the patch.
--
Kind regards,
Hiltjo
