nemunaire/eiwd
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

hidden: wipe SSID buffer and entry on dialog close

Browse source 
Mirror the passphrase handling so the heap is consistent: explicit_bzero
the strdup'd SSID before free, and clear the SSID entry widget alongside
the passphrase entry. SSIDs aren't secret per se, but leaving identifiable
network names in freed memory after a hidden-network prompt is avoidable.
This commit is contained in:
nemunaire 2026-04-29 14:59:53 +07:00
commit 9a40d38ad8
1 changed files with 9 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

10
src/ui/wifi_hidden.c
View file

@ -41,7 +41,15 @@ _finish(Hidden_Ctx *c, Eina_Bool ok)
explicit_bzero(pass, strlen(pass)); explicit_bzero(pass, strlen(pass));
free(pass); free(pass);
} }
free(ssid); /* SSIDs aren't secret, but wiping keeps the heap consistent with the
* passphrase handling and avoids leaving identifiable network names in
* freed memory after a hidden-network prompt. */
if (ssid)
{
explicit_bzero(ssid, strlen(ssid));
free(ssid);
}
if (c->e_ssid) elm_entry_entry_set(c->e_ssid, "");
if (c->e_pass) elm_entry_entry_set(c->e_pass, ""); if (c->e_pass) elm_entry_entry_set(c->e_pass, "");
if (c->win) evas_object_del(c->win); if (c->win) evas_object_del(c->win);
free(c); free(c);