fixed a potential buffer overflow bug on the stack (thanks to Ghassan Misherg)

.hgtags

@@ -1 +1,3 @@
 0a95c73c7374fbc2342b6040d9f35ddf597729e1 0.1
+da5cb1f0a685258d5315ea109860bacbc2871a57 0.2
+f9157b1864388ad8f1920e5fde7c5849e73d8327 0.3

LICENSE

@@ -1,6 +1,6 @@
 MIT/X Consortium License
 
-(C)opyright MMVI Anselm R. Garbe <garbeam at gmail dot com>
+(C)opyright MMVI-MMVII Anselm R. Garbe <garbeam at gmail dot com>
 
 Permission is hereby granted, free of charge, to any person obtaining a
 copy of this software and associated documentation files (the "Software"),

Makefile

@@ -1,5 +1,5 @@
 # slock - simple screen locker
-#   (C)opyright MMVI Anselm R. Garbe
+#   (C)opyright MMVI-MMVII Anselm R. Garbe
 
 include config.mk
 

config.mk

@@ -1,5 +1,5 @@
 # slock version
-VERSION = 0.2
+VERSION = 0.4
 
 # Customize below to fit your system
 
@@ -21,7 +21,7 @@ LDFLAGS = ${LIBS}
 #LDFLAGS = -g ${LIBS}
 
 # On *BSD remove -DHAVE_SHADOW_H from CFLAGS
-# On OpenBSD remove -lcrypt from LIBS
+# On OpenBSD and Darwin remove -lcrypt from LIBS
 
 # compiler and linker
 CC = cc

slock.c

@@ -1,15 +1,13 @@
-/* (C)opyright MMIV-MMV Anselm R. Garbe <garbeam at gmail dot com>
+/* (C)opyright MMVI-MMVII Anselm R. Garbe <garbeam at gmail dot com>
  * See LICENSE file for license details.
  */
 #define _XOPEN_SOURCE 500
-
 #if HAVE_SHADOW_H
 #include <shadow.h>
-#else
-#include <pwd.h>
 #endif
 
 #include <ctype.h>
+#include <pwd.h>
 #include <stdlib.h>
 #include <stdio.h>
 #include <string.h>
@@ -19,16 +17,41 @@
 #include <X11/Xlib.h>
 #include <X11/Xutil.h>
 
+const char *
+get_password() { /* only run as root */
+	const char *rval;
+	struct passwd *pw;
+
+	if(geteuid() != 0) {
+		fputs("slock: cannot retrieve password entry (make sure to suid slock)\n", stderr);
+		exit(EXIT_FAILURE);
+	}
+	pw = getpwuid(getuid());
+	endpwent();
+	rval =  pw->pw_passwd;
+
+#if HAVE_SHADOW_H
+	{
+		struct spwd *sp;
+		sp = getspnam(getenv("USER"));
+		endspent();
+		rval = sp->sp_pwdp;
+	}
+#endif
+	/* drop privileges */
+	if(setgid(pw->pw_gid) < 0 || setuid(pw->pw_uid) < 0) {
+		fputs("slock: cannot drop privileges\n",stdout);
+		exit(EXIT_FAILURE);
+	}
+	return rval;
+}
+
 int
 main(int argc, char **argv) {
 	char curs[] = {0, 0, 0, 0, 0, 0, 0, 0};
 	char buf[32], passwd[256];
 	int num, screen;
-#if HAVE_SHADOW_H
-	struct spwd *sp;
-#else
-	struct passwd *pw;
-#endif
+	const char *pws;
 	unsigned int len;
 	Bool running = True;
 	Cursor invisible;
@@ -44,17 +67,7 @@ main(int argc, char **argv) {
 		fputs("slock-"VERSION", (C)opyright MMVI Anselm R. Garbe\n", stdout);
 		exit(EXIT_SUCCESS);
 	}
-	if(geteuid() != 0) {
-		fputs("slock: cannot retrieve password entry (make sure to suid slock)\n", stderr);
-		exit(EXIT_FAILURE);
-	}
-#if HAVE_SHADOW_H
-	sp = getspnam(getenv("USER"));
-	endspent();
-#else
-	pw = getpwuid(getuid());
-	endpwent();
-#endif
+	pws = get_password();
 	if(!(dpy = XOpenDisplay(0))) {
 		fputs("slock: cannot open display\n", stderr);
 		exit(EXIT_FAILURE);
@@ -62,8 +75,6 @@ main(int argc, char **argv) {
 	screen = DefaultScreen(dpy);
 
 	/* init */
-	passwd[0] = 0;
-
 	wa.override_redirect = 1;
 	wa.background_pixel = BlackPixel(dpy, screen);
 	w = XCreateWindow(dpy, RootWindow(dpy, screen), 0, 0,
@@ -77,46 +88,43 @@ main(int argc, char **argv) {
 	XDefineCursor(dpy, w, invisible);
 	running = XGrabPointer(dpy, RootWindow(dpy, screen), False,
 			ButtonPressMask | ButtonReleaseMask | PointerMotionMask,
-			GrabModeAsync, GrabModeSync, None, invisible, CurrentTime) == GrabSuccess
-		&& XGrabKeyboard(dpy, RootWindow(dpy, screen), True, GrabModeAsync,
-			 GrabModeAsync, CurrentTime) == GrabSuccess;
+			GrabModeAsync, GrabModeSync, None, invisible, CurrentTime) == GrabSuccess;
+	len = 10;
+	for(len = 10; len && (XGrabKeyboard(dpy, RootWindow(dpy, screen), True, GrabModeAsync,
+		GrabModeAsync, CurrentTime) != GrabSuccess); len--)
+		usleep(1000);
+	running = running && (len > 0);
+	len = 0;
 	XMapRaised(dpy, w);
 	XSync(dpy, False);
 
 	/* main event loop */
 	while(running && !XNextEvent(dpy, &ev))
 		if(ev.type == KeyPress) {
-			len = strlen(passwd);
 			buf[0] = 0;
-			num = XLookupString(&ev.xkey, buf, sizeof(buf), &ksym, 0);
+			num = XLookupString(&ev.xkey, buf, sizeof buf, &ksym, 0);
 			if(IsFunctionKey(ksym) || IsKeypadKey(ksym)
 					|| IsMiscFunctionKey(ksym) || IsPFKey(ksym)
 					|| IsPrivateKeypadKey(ksym))
 				continue;
 			switch(ksym) {
 			case XK_Return:
-#if HAVE_SHADOW_H
-				if((running = strncmp(crypt(passwd, sp->sp_pwdp), sp->sp_pwdp, sizeof(passwd))))
-#else
-				if((running = strncmp(crypt(passwd, pw->pw_passwd), pw->pw_passwd, sizeof(passwd))))
-#endif
+				passwd[len] = 0;
+				if((running = strcmp(crypt(passwd, pws), pws)) != 0)
 					XBell(dpy, 100);
-				passwd[0] = 0;
+				len = 0;
 				break;
 			case XK_Escape:
-				passwd[0] = 0;
+				len = 0;
 				break;
 			case XK_BackSpace:
 				if(len)
-					passwd[--len] = 0;
+					--len;
 				break;
 			default:
-				if(num && !iscntrl((int) buf[0])) {
-					buf[num] = 0;
-					if(len)
-						strncat(passwd, buf, sizeof(passwd));
-					else
-						strncpy(passwd, buf, sizeof(passwd));
+				if(num && !iscntrl((int) buf[0]) && (len + num < sizeof passwd)) { 
+					memcpy(passwd + len, buf, num);
+					len += num;
 				}
 				break;
 			}