From 397592adf178e62142eb47312f992aba479ec05d Mon Sep 17 00:00:00 2001 From: Dan Robertson Date: Sun, 11 Feb 2018 03:55:45 +0000 Subject: [PATCH] Fix memory errors - `swaylock` does not free the password buffer on ENTER - read_line: OOB write when a line in /proc/modules contains a terminating character at `size` position. --- common/readline.c | 2 +- swaylock/main.c | 1 + 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/common/readline.c b/common/readline.c index cc40a2cc1..d35ba73ef 100644 --- a/common/readline.c +++ b/common/readline.c @@ -36,7 +36,7 @@ char *read_line(FILE *file) { } string[length++] = c; } - if (length + 1 == size) { + if (length + 1 >= size) { char *new_string = realloc(string, length + 1); if (!new_string) { free(string); diff --git a/swaylock/main.c b/swaylock/main.c index c26159519..a876b29c0 100644 --- a/swaylock/main.c +++ b/swaylock/main.c @@ -172,6 +172,7 @@ void notify_key(enum wl_keyboard_key_state state, xkb_keysym_t sym, uint32_t cod redraw_screen = 1; password_size = 1024; + free(password); password = malloc(password_size); password[0] = '\0'; break;