app.cpp: Hard code mcookiesize

Under certain conditions, mcookiesize as it's used in the for loop of App::CreateServerAuth() is not providing the usual 32 that is hard-coded into the object creator, but rather a random large integer. This in turn can cause segfaults. Attempting to work around this through using a #define to hard-code the length of mcookie instead of using the const int variable. https://bugs.gentoo.org/show_bug.cgi?id=608816
axs-gentoo · Feb 14, 2017 · dc4aa18 · dc4aa18
1 parent e58c19a
commit dc4aa18
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 10 deletions.
diff --git a/app.cpp b/app.cpp
@@ -124,16 +124,13 @@ void User1Signal(int sig) {
 }
 
 
-#ifdef USE_PAM
-App::App(int argc, char** argv)
-  : pam(conv, static_cast<void*>(&LoginPanel)),
-#else
 App::App(int argc, char** argv)
   :
+#ifdef USE_PAM
+    pam(conv, static_cast<void*>(&LoginPanel)),
 #endif
-    mcookiesize(32), // Must be divisible by 4
     ServerPID(-1), testing(false),
-    serverStarted(false), mcookie(string(App::mcookiesize, 'a')),
+    serverStarted(false), mcookie(string(MCOOKIESIZE, 'a')),
     daemonmode(false), force_nodaemon(false),
 #ifdef USE_CONSOLEKIT
     consolekit_support_enabled(true),
@@ -1259,7 +1256,7 @@ void App::CreateServerAuth() {
     string authfile;
     const char *digits = "0123456789abcdef";
     Util::srandom(Util::makeseed());
-    for (i = 0; i < App::mcookiesize; i+=4) {
+    for (i = 0; i < MCOOKIESIZE; i+=4) {
         word = Util::random() & 0xffff;
         lo = word & 0xff;
         hi = word >> 8;

diff --git a/app.h b/app.h
@@ -32,6 +32,8 @@
 #include "Ck.h"
 #endif
 
+#define MCOOKIESIZE 32
+
 class App {
 public:
     App(int argc, char** argv);
@@ -110,11 +112,9 @@ class App {
 	// For testing themes
 	char* testtheme;
     bool testing;
-    
+
     std::string themeName;
     std::string mcookie;
-
-    const int mcookiesize;
 };