Overview

File 0001-Fixup-protocol-mismatch-between-greeter-and-kcheckpa.patch of Package kscreenlocker

From b2e51c198f8d2dbf8231aab00275f7956c7defde Mon Sep 17 00:00:00 2001
From: Fabian Vogt <fabian@ritter-vogt.de>
Date: Sun, 4 Jun 2017 20:44:18 +0200
Subject: [PATCH] Fixup protocol mismatch between greeter and kcheckpass

Summary:
The receiver (kcheckpass) reads a string and if it is !nullptr, reads an int:

	msg = GRecvStr ();
	if (msg && (GRecvInt() & IsPassword) && !*msg)

The sender (kscreenlocker_greet) sends a string and if it is not empty,
sends an int:

	GSendStr(m_password.toUtf8().constData());
	if (!m_password.isEmpty()) {
		// IsSecret
		GSendInt(1);
	}

This does not work out for empty strings, as those still have a length of 1,
resulting in kcheckpass waiting indefinitely for an int that does not get sent.
Testing for a nullptr on the sender side instead of the string length fixes this.

Also clean up the code duplication and IsSecret (1)/IsPassword (2) mismatch.

BUG: 380491

Test Plan:
Reproduced the bug without this patch, with this patch it does not
happen anymore. Authentication still works and fails as expected.

Reviewers: #plasma

Subscribers: plasma-devel

Tags: #plasma

Differential Revision: https://phabricator.kde.org/D6091
---
 greeter/authenticator.cpp | 22 +++++++---------------
 1 file changed, 7 insertions(+), 15 deletions(-)

diff --git a/greeter/authenticator.cpp b/greeter/authenticator.cpp
index 1389c6d..878b709 100644
--- a/greeter/authenticator.cpp
+++ b/greeter/authenticator.cpp
@@ -208,27 +208,19 @@ void KCheckPass::handleVerify()
                 ::free( arr );
             return;
         case ConvGetNormal:
-            if (!GRecvArr( &arr ))
-                break;
-            GSendStr(m_password.toUtf8().constData());
-            if (!m_password.isEmpty()) {
-                // IsSecret
-                GSendInt(1);
-            }
-            if (arr)
-                ::free( arr );
-            return;
         case ConvGetHidden:
+        {
             if (!GRecvArr( &arr ))
                 break;
-            GSendStr(m_password.toUtf8().constData());
-            if (!m_password.isEmpty()) {
-                // IsSecret
-                GSendInt(1);
-            }
+            QByteArray utf8pass = m_password.toUtf8();
+            GSendStr(utf8pass.constData());
+            if (utf8pass.constData() != nullptr)
+                GSendInt(IsPassword);
+
             if (arr)
                 ::free( arr );
             return;
+        }
         case ConvPutInfo:
             if (!GRecvArr( &arr ))
                 break;
-- 
2.13.0
openSUSE Build Service is sponsored by
Places