Add zero termination when the buffer is a string

This shouldn't be needed but apaprently there are a number of applications
like mod_auth_kerb that just blindly assume the out buffer returned by
gss_diplay_name() is a zero terminated string even though there is no
guarantee it is in the API. To avoid annoying misbehavior we forcibly zero
terminate strings copied and returned by the interposer.

Fixes: https://fedorahosted.org/gss-proxy/ticket/101

Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Günther Deschner <gdeschner@redhat.com>

1 files changed, 21 insertions, 0 deletions

diff --git a/proxy/src/gp_conv.c b/proxy/src/gp_conv.c
index 0b177ee..a9f9669 100644
--- a/proxy/src/gp_conv.c
+++ b/proxy/src/gp_conv.c
@@ -184,6 +184,27 @@ int gp_copy_gssx_to_buffer(gssx_buffer *in, gss_buffer_t out)
     return 0;
 }
 
+int gp_copy_gssx_to_string_buffer(gssx_buffer *in, gss_buffer_t out)
+{
+    gss_buffer_desc empty = GSS_C_EMPTY_BUFFER;
+    char *str;
+
+    if (in->octet_string_len == 0) {
+        *out = empty;
+        return 0;
+    }
+
+    str = malloc(in->octet_string_len + 1);
+    if (!str) {
+        return ENOMEM;
+    }
+    memcpy(str, in->octet_string_val, in->octet_string_len);
+    str[in->octet_string_len] = '\0';
+    out->length = in->octet_string_len;
+    out->value = str;
+    return 0;
+}
+
 int gp_conv_buffer_to_gssx(gss_buffer_t in, gssx_buffer *out)
 {
     return gp_conv_octet_string(in->length, in->value, out);