config: Do not modify const strings

Take a copy here, the option string is const and strtok_r() is not a safe
function as it may change the string it manipulates.

Reviewed-by: Günther Deschner <gdeschner@redhat.com>

1 files changed, 9 insertions, 1 deletions

diff --git a/proxy/src/gp_config.c b/proxy/src/gp_config.c
index e21e70d..63f264e 100644
--- a/proxy/src/gp_config.c
+++ b/proxy/src/gp_config.c
@@ -209,6 +209,7 @@ static int load_services(struct gp_config *cfg, struct gp_ini_context *ctx)
     int num_sec;
     char *secname = NULL;
     const char *value;
+    char *vcopy;
     char *token;
     char *handle;
     int valnum;
@@ -318,7 +319,12 @@ static int load_services(struct gp_config *cfg, struct gp_ini_context *ctx)
                 goto done;
             }
 
-            token = strtok_r(no_const(value), ", ", &handle);
+            vcopy = strdup(value);
+            if (!vcopy) {
+                ret = ENOMEM;
+                goto done;
+            }
+            token = strtok_r(vcopy, ", ", &handle);
             do {
 
                 ret = strcmp(value, "krb5");
@@ -329,6 +335,7 @@ static int load_services(struct gp_config *cfg, struct gp_ini_context *ctx)
                     } else {
                         GPERROR("Failed to read krb5 config for %s.\n",
                                 secname);
+                        safefree(vcopy);
                         return ret;
                     }
                 } else {
@@ -338,6 +345,7 @@ static int load_services(struct gp_config *cfg, struct gp_ini_context *ctx)
 
                 token = strtok_r(NULL, ", ", &handle);
             } while (token != NULL);
+            safefree(vcopy);
 
             if (cfg->svcs[n]->mechs == 0) {
                 GPDEBUG("No mechs found for [%s], ignoring.\n", secname);