kgssapi(4): Fix string overrun in Kerberos principal construction

'buf.value' was previously treated as a nul-terminated string, but only allocated with strlen() space. Rectify this. Reported by: Coverity CID: 1007639 Sponsored by: EMC / Isilon Storage Division
2016-04-20 04:45:23 +00:00 · 2016-04-20 04:45:23 +00:00 · e3081f7e3e
commit e3081f7e3e
parent 1a7dfcc5a3
1 changed files with 1 additions and 1 deletions
--- a/sys/rpc/rpcsec_gss/svc_rpcsec_gss.c
+++ b/sys/rpc/rpcsec_gss/svc_rpcsec_gss.c
@ -331,7 +331,7 @@ rpc_gss_get_principal_name(rpc_gss_principal_t *principal,
 	 * Construct a gss_buffer containing the full name formatted
 	 * as "name/node@domain" where node and domain are optional.
 	 */
-	namelen = strlen(name);
+	namelen = strlen(name) + 1;
 	if (node) {
 		namelen += strlen(node) + 1;
 	}