1 files changed, 36 insertions, 17 deletions

diff --git a/src/reply-password/reply-password.c b/src/reply-password/reply-password.c
index efb68a354f..ee7a0ea130 100644
--- a/src/reply-password/reply-password.c
+++ b/src/reply-password/reply-password.c
@@ -6,7 +6,9 @@
 #include <sys/socket.h>
 #include <sys/un.h>
 
+#include "alloc-util.h"
 #include "fd-util.h"
+#include "fileio.h"
 #include "log.h"
 #include "macro.h"
 #include "socket-util.h"
@@ -14,31 +16,30 @@
 #include "util.h"
 
 static int send_on_socket(int fd, const char *socket_name, const void *packet, size_t size) {
-        union sockaddr_union sa = {
-                .un.sun_family = AF_UNIX,
-        };
+        union sockaddr_union sa = {};
+        int salen;
 
         assert(fd >= 0);
         assert(socket_name);
         assert(packet);
 
-        strncpy(sa.un.sun_path, socket_name, sizeof(sa.un.sun_path));
+        salen = sockaddr_un_set_path(&sa.un, socket_name);
+        if (salen < 0)
+                return log_error_errno(salen, "Specified socket path for AF_UNIX socket invalid, refusing: %s", socket_name);
 
-        if (sendto(fd, packet, size, MSG_NOSIGNAL, &sa.sa, SOCKADDR_UN_LEN(sa.un)) < 0)
+        if (sendto(fd, packet, size, MSG_NOSIGNAL, &sa.sa, salen) < 0)
                 return log_error_errno(errno, "Failed to send: %m");
 
         return 0;
 }
 
 int main(int argc, char *argv[]) {
+        _cleanup_free_ char *packet = NULL;
         _cleanup_close_ int fd = -1;
-        char packet[LINE_MAX];
-        size_t length;
+        size_t length = 0;
         int r;
 
-        log_set_target(LOG_TARGET_AUTO);
-        log_parse_environment();
-        log_open();
+        log_setup_service();
 
         if (argc != 3) {
                 log_error("Wrong number of arguments.");
@@ -46,18 +47,36 @@ int main(int argc, char *argv[]) {
         }
 
         if (streq(argv[1], "1")) {
+                _cleanup_string_free_erase_ char *line = NULL;
 
-                packet[0] = '+';
-                if (!fgets(packet+1, sizeof(packet)-1, stdin)) {
-                        r = log_error_errno(errno, "Failed to read password: %m");
+                r = read_line(stdin, LONG_LINE_MAX, &line);
+                if (r < 0) {
+                        log_error_errno(r, "Failed to read password: %m");
+                        goto finish;
+                }
+                if (r == 0) {
+                        log_error("Got EOF while reading password.");
+                        r = -EIO;
+                        goto finish;
+                }
+
+                packet = strjoin("+", line);
+                if (!packet) {
+                        r = log_oom();
                         goto finish;
                 }
 
-                truncate_nl(packet+1);
-                length = 1 + strlen(packet+1) + 1;
+                length = 1 + strlen(line) + 1;
+
         } else if (streq(argv[1], "0")) {
-                packet[0] = '-';
+                packet = strdup("-");
+                if (!packet) {
+                        r = log_oom();
+                        goto finish;
+                }
+
                 length = 1;
+
         } else {
                 log_error("Invalid first argument %s", argv[1]);
                 r = -EINVAL;
@@ -73,7 +92,7 @@ int main(int argc, char *argv[]) {
         r = send_on_socket(fd, argv[2], packet, length);
 
 finish:
-        explicit_bzero(packet, sizeof(packet));
+        explicit_bzero_safe(packet, length);
 
         return r < 0 ? EXIT_FAILURE : EXIT_SUCCESS;
 }