crash seen on minooka: acid; stk() strlen(p=0x0)+0xc /sys/src/libc/386/strlen.s:11 login(dest=0x24eb0,pass_nvram=0x0,pass_stdin=0x0,id=0x242f0)+0x544 /sys/src/cmd/auth/secstore/secstore.c:426 main(argv=0xdf7fef8c,argc=0x0)+0x1e6 /sys/src/cmd/auth/secstore/secstore.c:559 _main+0x31 /sys/src/libc/386/main9.s:16 Reference: /n/atom/patch/applied2013/secstorecrash Date: Tue Jun 18 07:48:19 CES 2013 Signed-off-by: quanstro@quanstro.net --- /sys/src/cmd/auth/secstore/secstore.c Tue Jun 18 07:47:40 2013 +++ /sys/src/cmd/auth/secstore/secstore.c Tue Jun 18 07:47:40 2013 @@ -423,6 +423,10 @@ ntry++; if(!pass_stdin && !pass_nvram){ pass = getpassm("secstore password: "); + if(pass == nil){ + fprint(2, "secstore: getpassm failed\n"); + exits("password"); + } if(strlen(pass) >= sizeof c->pass){ fprint(2, "secstore: password too long, skipping secstore login\n"); exits("password too long"); @@ -465,6 +469,8 @@ free(PINSTA); }else{ pass = getpassm("STA PIN+SecureID: "); + if(pass == nil) + exits("password: interrupted"); strncpy(s+3, pass, sizeof s - 4); memset(pass, 0, strlen(pass)); free(pass);