From 7cfeec96c58dd71e88ecff4a521e7a980841acee Mon Sep 17 00:00:00 2001
From: hinto-janaiyo <hinto.janaiyo@protonmail.com>
Date: Wed, 7 Dec 2022 20:34:21 -0500
Subject: [PATCH] sudo: zeroize pass on every [ask_sudo()] call

---
 src/main.rs | 12 +++++++-----
 src/sudo.rs | 11 +++++++++--
 2 files changed, 16 insertions(+), 7 deletions(-)

diff --git a/src/main.rs b/src/main.rs
index b2d44d4..878884d 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -435,13 +435,15 @@ impl ErrorState {
 	// Instead of creating a whole new screen and system, this (ab)uses ErrorState
 	// to ask for the [sudo] when starting XMRig. Yes, yes I know, it's called "ErrorState"
 	// but rewriting the UI code and button stuff might be worse.
-	pub fn ask_sudo(&mut self) {
+	// It also resets the current [SudoState]
+	pub fn ask_sudo(&mut self, state: &Arc<Mutex<SudoState>>) {
 		*self = Self {
 			error: true,
 			msg: String::new(),
 			ferris: ErrorFerris::Sudo,
 			buttons: ErrorButtons::Sudo,
-		}
+		};
+		SudoState::reset(&state)
 	}
 }
 
@@ -1150,10 +1152,10 @@ impl eframe::App for App {
 							let width = (ui.available_width()/3.0)-5.0;
 							if self.xmrig.lock().unwrap().is_alive() {
 								if ui.add_sized([width, height], Button::new("⟲")).on_hover_text("Restart XMRig").clicked() {
-									self.error_state.ask_sudo();
+									self.error_state.ask_sudo(&self.sudo);
 								}
 								if ui.add_sized([width, height], Button::new("⏹")).on_hover_text("Stop XMRig").clicked() {
-									self.error_state.ask_sudo();
+									self.error_state.ask_sudo(&self.sudo);
 								}
 								ui.add_enabled_ui(false, |ui| {
 									ui.add_sized([width, height], Button::new("⏺")).on_hover_text("Start XMRig");
@@ -1164,7 +1166,7 @@ impl eframe::App for App {
 									ui.add_sized([width, height], Button::new("⏹")).on_hover_text("Stop XMRig");
 								});
 								if ui.add_sized([width, height], Button::new("⏺")).on_hover_text("Start XMRig").clicked() {
-									self.error_state.ask_sudo();
+									self.error_state.ask_sudo(&self.sudo);
 								}
 							}
 						});
diff --git a/src/sudo.rs b/src/sudo.rs
index 807c332..d5e24f6 100644
--- a/src/sudo.rs
+++ b/src/sudo.rs
@@ -51,10 +51,17 @@ impl SudoState {
 		}
 	}
 
+	// Resets the state.
+	pub fn reset(state: &Arc<Mutex<Self>>) {
+		Self::wipe(&state);
+		let mut state = state.lock().unwrap();
+		state.testing = false;
+		state.success = false;
+	}
+
 	// Swaps the pass with another 256-capacity String,
 	// zeroizes the old and drops it.
 	pub fn wipe(state: &Arc<Mutex<Self>>) {
-		info!("Sudo | Wiping password with zeros and dropping from memory...");
 		let mut new = String::with_capacity(256);
 		let mut state = state.lock().unwrap();
 		// new is now == old, and vice-versa.
@@ -62,7 +69,7 @@ impl SudoState {
 		// we're wiping & dropping the old pass here.
 		new.zeroize();
 		std::mem::drop(new);
-		info!("Sudo ... Password Wipe OK");
+		info!("Sudo | Password wipe with 0's ... OK");
 	}
 
 	// Spawns a thread and tests sudo with the provided password.