From cad539dfed0c49dae36e0f2292ed55967d433c5b Mon Sep 17 00:00:00 2001 From: Christian Dywan Date: Mon, 13 Feb 2012 00:16:21 +0100 Subject: [PATCH] Store password with g_strdup instead of strcpy --- extensions/formhistory/formhistory-crypt.c | 8 ++++---- extensions/formhistory/formhistory-crypt.h | 4 ++-- extensions/formhistory/formhistory-frontend.h | 2 +- extensions/formhistory/formhistory.c | 10 ++++------ 4 files changed, 11 insertions(+), 13 deletions(-) diff --git a/extensions/formhistory/formhistory-crypt.c b/extensions/formhistory/formhistory-crypt.c index f174f070..3c968c0c 100644 --- a/extensions/formhistory/formhistory-crypt.c +++ b/extensions/formhistory/formhistory-crypt.c @@ -20,7 +20,7 @@ const char *iv ="12345678"; gchar* formhistory_encrypt (const gchar* input, - unsigned char* key) + const gchar* key) { int outlen=0, auxlen=0; EVP_CIPHER_CTX ctx; @@ -34,7 +34,7 @@ formhistory_encrypt (const gchar* input, memset (&buff[0], '\0', BUF_SIZE); EVP_CIPHER_CTX_init (&ctx); - EVP_EncryptInit (&ctx, EVP_bf_cbc (), key, (unsigned char*)iv); + EVP_EncryptInit (&ctx, EVP_bf_cbc (), (unsigned char*)key, (unsigned char*)iv); if (EVP_EncryptUpdate (&ctx, (uc*)&buff, &outlen, (uc*)input, inputSize) != 1) return NULL; @@ -48,7 +48,7 @@ formhistory_encrypt (const gchar* input, gchar* formhistory_decrypt (const gchar* b64input, - unsigned char* key) + const gchar* key) { int outlen=0, auxlen=0; EVP_CIPHER_CTX ctx; @@ -63,7 +63,7 @@ formhistory_decrypt (const gchar* b64input, memset (&buff, 0, BUF_SIZE); EVP_CIPHER_CTX_init (& ctx); - EVP_DecryptInit (& ctx, EVP_bf_cbc(), key, (uc*)iv); + EVP_DecryptInit (& ctx, EVP_bf_cbc(), (unsigned char*)key, (uc*)iv); if (EVP_DecryptUpdate (& ctx, (uc*)&buff, &outlen, (uc*)input, inputSize) != 1) return NULL; diff --git a/extensions/formhistory/formhistory-crypt.h b/extensions/formhistory/formhistory-crypt.h index 123bdbb4..0aada77c 100644 --- a/extensions/formhistory/formhistory-crypt.h +++ b/extensions/formhistory/formhistory-crypt.h @@ -19,9 +19,9 @@ typedef struct } FormhistoryPasswordEntry; gchar* -formhistory_encrypt (const gchar* input, unsigned char* key); +formhistory_encrypt (const gchar* input, const gchar* key); gchar* -formhistory_decrypt (const gchar* b64input, unsigned char* key); +formhistory_decrypt (const gchar* b64input, const char* key); #endif diff --git a/extensions/formhistory/formhistory-frontend.h b/extensions/formhistory/formhistory-frontend.h index 1a86217f..c483e848 100644 --- a/extensions/formhistory/formhistory-frontend.h +++ b/extensions/formhistory/formhistory-frontend.h @@ -39,7 +39,7 @@ typedef struct #else gchar* jsforms; #endif - unsigned char master_password [MAXPASSSIZE]; + gchar* master_password; int master_password_canceled; int password_manager_enabled; } FormHistoryPriv; diff --git a/extensions/formhistory/formhistory.c b/extensions/formhistory/formhistory.c index 0281c79e..4a3e8dc8 100644 --- a/extensions/formhistory/formhistory.c +++ b/extensions/formhistory/formhistory.c @@ -79,11 +79,9 @@ formhistory_check_master_password (GtkWidget* parent, const gchar* title; static int alive; gboolean ret = FALSE; - unsigned char* master_password; - master_password = priv->master_password; /* Password is set */ - if (master_password[0] && master_password[1]) + if (priv->master_password && *priv->master_password) return TRUE; /* Other prompt is active */ @@ -130,8 +128,8 @@ formhistory_check_master_password (GtkWidget* parent, if (gtk_dialog_run (GTK_DIALOG (dialog)) == GTK_RESPONSE_OK) { /* FIXME: add password verification */ - memset (&master_password[0], '\0', MAXPASSSIZE); - strcpy ((char*)master_password, gtk_entry_get_text (GTK_ENTRY (entry))); + katze_assign (priv->master_password, + g_strdup (gtk_entry_get_text (GTK_ENTRY (entry)))); ret = TRUE; } else @@ -513,7 +511,7 @@ formhistory_activate_cb (MidoriExtension* extension, FormHistoryPriv* priv; priv = formhistory_private_new (); - strcpy ((char*)priv->master_password, ""); + priv->master_password = NULL; priv->master_password_canceled = 0; priv->password_manager_enabled = 1; formhistory_construct_popup_gui (priv); -- 2.39.5