From kde-panel-devel Tue Jan 31 18:30:54 2017 From: "A. Wilcox" Date: Tue, 31 Jan 2017 18:30:54 +0000 To: kde-panel-devel Subject: [Differential] [Request, 46 lines] D4376: Replace long-deprecated getpass(3) call Message-Id: X-MARC-Message: https://marc.info/?l=kde-panel-devel&m=148588746725885 MIME-Version: 1 Content-Type: multipart/mixed; boundary="--513f49db33624b93a220a32d98bba41b" --513f49db33624b93a220a32d98bba41b Content-Type: text/plain; charset="ascii" Mime-Version: 1.0 Content-Transfer-Encoding: 7bit awilcox created this revision. awilcox set the repository for this revision to R133 KScreenLocker. Restricted Application added a project: Plasma. Restricted Application added a subscriber: plasma-devel. REVISION SUMMARY This modernises the kcheckpass utility to stop using the getpass(3) call, which was deprecated in SUSv2, removed from POSIX.1-2001, and deprecated in glibc 2.19. It replaces it with a fully standards compliant getdelim(3) call. This also avoids the need to strdup the password buffer and temporarily have two copies. I didn't know how pedantic to make it; you could possibly want to check for password != NULL and memset-nul it out in the case of getdelim failure, since it could have read in a partial password but then received EOF before \n. I didn't think this case was very likely so I did not author such a check. TEST PLAN - Tested against shadow backend and PAM backend. - Each backend was tested on x86_64, x86_32, and PowerPC. - Both glibc and musl libc were tested. FreeBSD testing is pending. REPOSITORY R133 KScreenLocker REVISION DETAIL https://phabricator.kde.org/D4376 AFFECTED FILES kscreenlocker-5.8.5/kcheckpass/kcheckpass.c EMAIL PREFERENCES https://phabricator.kde.org/settings/panel/emailpreferences/ To: awilcox Cc: plasma-devel, lesliezhai, ali-mohamed, jensreuterberg, abetts, sebas --513f49db33624b93a220a32d98bba41b Content-Type: text/html; charset="ascii" Mime-Version: 1.0 Content-Transfer-Encoding: quoted-printable View Revision=
awilcox created this revision.
awilcox set t= he repository for this revision to R133 KScreenLocker.
Restricted Appl= ication added a project: Plasma.
Restricted Application added a subscr= iber: plasma-devel.

REVISION SUMMARY

This moder= nises the kcheckpass utility to stop using the getpass(3) call, which was d= eprecated in SUSv2, removed from POSIX.1-2001, and deprecated in glibc 2.19= . It replaces it with a fully standards compliant getdelim(3) call. This = also avoids the need to strdup the password buffer and temporarily have two= copies.

I didn't know how pedantic to make it; you could possibly want to c= heck for password !=3D NULL and memset-nul it out in the case of getdelim f= ailure, since it could have read in a partial password but then received EO= F before \n. I didn't think this case was very likely so I did not au= thor such a check.


TEST PLAN
  • Tested against shadow backend and PAM back= end.
  • Each backend was tested on x86_64, x86_32,= and PowerPC.
  • Both glibc and musl libc were tested. Fre= eBSD testing is pending.

REPOSITORY
R133 KScre= enLocker

REVISION DETAIL
<= a href=3D"https://phabricator.kde.org/D4376" rel=3D"noreferrer">https://pha= bricator.kde.org/D4376

AFFECTED FILES
kscreenlocker-5.8.5/kcheckpass/kcheckpass.c

EMAIL PREFERENCES

=
To: awilcox
Cc: plasma-devel, l= esliezhai, ali-mohamed, jensreuterberg, abetts, sebas
--513f49db33624b93a220a32d98bba41b--