Store password with g_strdup instead of strcpy

This commit is contained in:
Christian Dywan 2012-02-13 00:16:21 +01:00
parent 62ed57bde3
commit cad539dfed
4 changed files with 11 additions and 13 deletions

View file

@ -20,7 +20,7 @@ const char *iv ="12345678";
gchar* gchar*
formhistory_encrypt (const gchar* input, formhistory_encrypt (const gchar* input,
unsigned char* key) const gchar* key)
{ {
int outlen=0, auxlen=0; int outlen=0, auxlen=0;
EVP_CIPHER_CTX ctx; EVP_CIPHER_CTX ctx;
@ -34,7 +34,7 @@ formhistory_encrypt (const gchar* input,
memset (&buff[0], '\0', BUF_SIZE); memset (&buff[0], '\0', BUF_SIZE);
EVP_CIPHER_CTX_init (&ctx); EVP_CIPHER_CTX_init (&ctx);
EVP_EncryptInit (&ctx, EVP_bf_cbc (), key, (unsigned char*)iv); EVP_EncryptInit (&ctx, EVP_bf_cbc (), (unsigned char*)key, (unsigned char*)iv);
if (EVP_EncryptUpdate (&ctx, (uc*)&buff, &outlen, (uc*)input, inputSize) != 1) if (EVP_EncryptUpdate (&ctx, (uc*)&buff, &outlen, (uc*)input, inputSize) != 1)
return NULL; return NULL;
@ -48,7 +48,7 @@ formhistory_encrypt (const gchar* input,
gchar* gchar*
formhistory_decrypt (const gchar* b64input, formhistory_decrypt (const gchar* b64input,
unsigned char* key) const gchar* key)
{ {
int outlen=0, auxlen=0; int outlen=0, auxlen=0;
EVP_CIPHER_CTX ctx; EVP_CIPHER_CTX ctx;
@ -63,7 +63,7 @@ formhistory_decrypt (const gchar* b64input,
memset (&buff, 0, BUF_SIZE); memset (&buff, 0, BUF_SIZE);
EVP_CIPHER_CTX_init (& ctx); EVP_CIPHER_CTX_init (& ctx);
EVP_DecryptInit (& ctx, EVP_bf_cbc(), key, (uc*)iv); EVP_DecryptInit (& ctx, EVP_bf_cbc(), (unsigned char*)key, (uc*)iv);
if (EVP_DecryptUpdate (& ctx, (uc*)&buff, &outlen, (uc*)input, inputSize) != 1) if (EVP_DecryptUpdate (& ctx, (uc*)&buff, &outlen, (uc*)input, inputSize) != 1)
return NULL; return NULL;

View file

@ -19,9 +19,9 @@ typedef struct
} FormhistoryPasswordEntry; } FormhistoryPasswordEntry;
gchar* gchar*
formhistory_encrypt (const gchar* input, unsigned char* key); formhistory_encrypt (const gchar* input, const gchar* key);
gchar* gchar*
formhistory_decrypt (const gchar* b64input, unsigned char* key); formhistory_decrypt (const gchar* b64input, const char* key);
#endif #endif

View file

@ -39,7 +39,7 @@ typedef struct
#else #else
gchar* jsforms; gchar* jsforms;
#endif #endif
unsigned char master_password [MAXPASSSIZE]; gchar* master_password;
int master_password_canceled; int master_password_canceled;
int password_manager_enabled; int password_manager_enabled;
} FormHistoryPriv; } FormHistoryPriv;

View file

@ -79,11 +79,9 @@ formhistory_check_master_password (GtkWidget* parent,
const gchar* title; const gchar* title;
static int alive; static int alive;
gboolean ret = FALSE; gboolean ret = FALSE;
unsigned char* master_password;
master_password = priv->master_password;
/* Password is set */ /* Password is set */
if (master_password[0] && master_password[1]) if (priv->master_password && *priv->master_password)
return TRUE; return TRUE;
/* Other prompt is active */ /* Other prompt is active */
@ -130,8 +128,8 @@ formhistory_check_master_password (GtkWidget* parent,
if (gtk_dialog_run (GTK_DIALOG (dialog)) == GTK_RESPONSE_OK) if (gtk_dialog_run (GTK_DIALOG (dialog)) == GTK_RESPONSE_OK)
{ {
/* FIXME: add password verification */ /* FIXME: add password verification */
memset (&master_password[0], '\0', MAXPASSSIZE); katze_assign (priv->master_password,
strcpy ((char*)master_password, gtk_entry_get_text (GTK_ENTRY (entry))); g_strdup (gtk_entry_get_text (GTK_ENTRY (entry))));
ret = TRUE; ret = TRUE;
} }
else else
@ -513,7 +511,7 @@ formhistory_activate_cb (MidoriExtension* extension,
FormHistoryPriv* priv; FormHistoryPriv* priv;
priv = formhistory_private_new (); priv = formhistory_private_new ();
strcpy ((char*)priv->master_password, ""); priv->master_password = NULL;
priv->master_password_canceled = 0; priv->master_password_canceled = 0;
priv->password_manager_enabled = 1; priv->password_manager_enabled = 1;
formhistory_construct_popup_gui (priv); formhistory_construct_popup_gui (priv);