X-Git-Url: http://git.hungrycats.org/cgi-bin/gitweb.cgi?p=xscreensaver;a=blobdiff_plain;f=driver%2Flock.c;h=65162a591a2752214b3b86583fa22aca4d69b4e4;hp=169880b1b6a993f7ead31e3206406a7150241d00;hb=0d6b320def9180cf907ceaed56b23a972a11b757;hpb=3f438031d610c7e15fd33876a879b97e290e05fb

diff --git a/driver/lock.c b/driver/lock.c
index 169880b1..65162a59 100644
--- a/driver/lock.c
+++ b/driver/lock.c
@@ -17,6 +17,7 @@
 # include "config.h"
 #endif
 
+#include <ctype.h>
 #include <X11/Intrinsic.h>
 #include <X11/cursorfont.h>
 #include <X11/Xos.h>		/* for time() */
@@ -1424,14 +1425,25 @@ handle_passwd_key (saver_info *si, XKeyEvent *event)
       break;
 
     default:
-      i = strlen (typed_passwd);
-      if (i >= pw_size-1)
-	XBell (si->dpy, 0);
+      /* Though technically the only illegal characters in Unix passwords
+         are LF and NUL, most GUI programs (e.g., GDM) use regular text-entry
+         fields that only let you type printable characters.  So, people
+         who use funky characters in their passwords are already broken.
+         We follow that precedent.
+       */
+      if (isprint ((unsigned char) *s))
+        {
+          i = strlen (typed_passwd);
+          if (i >= pw_size-1)
+            XBell (si->dpy, 0);
+          else
+            {
+              typed_passwd [i] = *s;
+              typed_passwd [i+1] = 0;
+            }
+        }
       else
-	{
-	  typed_passwd [i] = *s;
-	  typed_passwd [i+1] = 0;
-	}
+        XBell (si->dpy, 0);
       break;
     }