From 5f6b2d295cc2542429f4e1b7144eb947681f64ca Mon Sep 17 00:00:00 2001
From: Simo Sorce <simo@redhat.com>
Date: Sat, 16 Nov 2013 17:08:06 -0500
Subject: config: Do not modify const strings

Take a copy here, the option string is const and strtok_r() is not a safe
function as it may change the string it manipulates.
---
 proxy/src/gp_config.c | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

(limited to 'proxy')

diff --git a/proxy/src/gp_config.c b/proxy/src/gp_config.c
index 8da291b..08d29fe 100644
--- a/proxy/src/gp_config.c
+++ b/proxy/src/gp_config.c
@@ -134,6 +134,7 @@ static int load_services(struct gp_config *cfg, struct gp_ini_context *ctx)
     int num_sec;
     char *secname = NULL;
     const char *value;
+    char *vcopy;
     char *token;
     char *handle;
     int valnum;
@@ -243,7 +244,12 @@ static int load_services(struct gp_config *cfg, struct gp_ini_context *ctx)
                 goto done;
             }
 
-            token = strtok_r(no_const(value), ", ", &handle);
+            vcopy = strdup(value);
+            if (!vcopy) {
+                ret = ENOMEM;
+                goto done;
+            }
+            token = strtok_r(vcopy, ", ", &handle);
             do {
 
                 ret = strcmp(value, "krb5");
@@ -254,6 +260,7 @@ static int load_services(struct gp_config *cfg, struct gp_ini_context *ctx)
                     } else {
                         GPERROR("Failed to read krb5 config for %s.\n",
                                 secname);
+                        safefree(vcopy);
                         return ret;
                     }
                 } else {
@@ -263,6 +270,7 @@ static int load_services(struct gp_config *cfg, struct gp_ini_context *ctx)
 
                 token = strtok_r(NULL, ", ", &handle);
             } while (token != NULL);
+            safefree(vcopy);
 
             if (cfg->svcs[n]->mechs == 0) {
                 GPDEBUG("No mechs found for [%s], ignoring.\n", secname);
-- 
cgit