commit - 90c4f1a832a9c55ba2397da9f1cbcaf72f076b78
commit + ec4e7034a943f389ff098aafbbe9f9de5908934b
blob - e0f5302830df390b346b453d81cd7eb1c95081ef
blob + 1f2ccc071a4c245fd66da8f3c13d65c5a6b9dc6e
--- TODO
+++ TODO
# Fix
- dwm: XKeycodeToKeysum
-- pinentry-dmenu: strcpy() -> strlcpy()
+# Patch
+- dmenu: passwords
+
# Refactor
- split common code into a library (drw.c)
+- pinentry code is ugly AF, replace it with something better
+- pinentry-dmenu should ideally not be a fork of dmenu, but rather use it directly
blob - 953326f1c2ccac35da9f00c0b2f15212ee1f781f
blob + ba9d3b1a2b268af3d20bb9faf725277c19d87a85
--- pinentry-dmenu/pinentry/argparse.c
+++ pinentry-dmenu/pinentry/argparse.c
#endif
#include <stdio.h>
+#include <assert.h>
#include <stdlib.h>
#include <ctype.h>
#include <string.h>
struct iio_item_def_s
{
IIO_ITEM_DEF next;
- char name[1]; /* String with the long option name. */
+ char name[]; /* String with the long option name. */
};
static const char *(*strusage_handler)( int ) = NULL;
state = addNAME;
goto again;
}
- else if (namelen < DIM(name)-1)
+ else if (namelen < DIM(name)-1) {
+ assert(namelen < (sizeof(name) - 1));
name[namelen++] = c;
- else /* Too long. */
+ } else /* Too long. */
state = skipNAME;
break;
name[namelen] = 0;
if (!ignore_invalid_option_p (arg, name))
{
- item = jnlib_malloc (sizeof *item + namelen);
+ item = jnlib_malloc (sizeof *item + namelen + 1);
if (!item)
return 1;
- strcpy (item->name, name);
+ strlcpy (item->name, name, namelen + 1);
item->next = (IIO_ITEM_DEF)arg->internal.iio_list;
arg->internal.iio_list = item;
}
blob - 55083d1e0610a1f2cd1dbc5031f87405c0ba4ce8
blob + 898f88cebfc93639fb5050f92ab559956f5f1846
--- pinentry-dmenu/pinentry/password-cache.c
+++ pinentry-dmenu/pinentry/password-cache.c
keygrip_to_label (const char *keygrip)
{
char const prefix[] = "GnuPG: ";
- char *label;
-
- label = malloc (sizeof (prefix) + strlen (keygrip));
- if (label)
- {
- memcpy (label, prefix, sizeof (prefix) - 1);
- strcpy (&label[sizeof (prefix) - 1], keygrip);
- }
+ char *label = NULL;
+ asprintf (&label, "%s%s", prefix, keygrip);
return label;
}
#endif
GError *error = NULL;
char *password;
char *password2;
+ size_t plen;
if (! *keygrip)
return NULL;
return NULL;
/* The password needs to be returned in secmem allocated memory. */
- password2 = secmem_malloc (strlen (password) + 1);
+ plen = strlen (password) + 1;
+ password2 = secmem_malloc (plen);
if (password2)
- strcpy(password2, password);
+ strlcpy(password2, password, plen);
else
printf("secmem_malloc failed: can't copy password!\n");
blob - c3d8e4413ea27ba4987e016a7cdcd04407d817bf
blob + d10723a94e527940d9188230c4a4feee99a8e97d
--- pinentry-dmenu/pinentry/pinentry.c
+++ pinentry-dmenu/pinentry/pinentry.c
const char prefix[] = "INQUIRE QUALITY ";
char *command;
char *line;
- size_t linelen;
+ size_t linelen, clen;
int gotvalue = 0;
int value = 0;
int rc;
length = 300; /* Limit so that it definitely fits into an Assuan
line. */
- command = secmem_malloc (strlen (prefix) + 3*length + 1);
+ clen = strlen (prefix) + 3*length + 1;
+ command = secmem_malloc (clen);
if (!command)
return 0;
- strcpy (command, prefix);
+ strlcpy (command, prefix, clen);
copy_and_escape (command + strlen(command), passphrase, length);
rc = assuan_write_line (ctx, command);
secmem_free (command);
/* Store away our name. */
if (strlen (pgmname) > sizeof this_pgmname - 2)
abort ();
- strcpy (this_pgmname, pgmname);
+ strlcpy (this_pgmname, pgmname, sizeof(this_pgmname));
gpgrt_check_version (NULL);