ENGINE-547 - don't add null-termination byte to size of blobs handed to libetpan, or you'll get NUL-termination inside the mime string and disaster will result! sync
authorKrista 'DarthMama' Bennett <krista@pep.foundation>
Tue, 07 May 2019 17:57:04 +0200
branchsync
changeset 3645429891a9cf90
parent 3641 54d5a1efa86d
child 3646 4c1f9f5e77b3
ENGINE-547 - don't add null-termination byte to size of blobs handed to libetpan, or you'll get NUL-termination inside the mime string and disaster will result!
sync/gen_statemachine.ysl2
     1.1 --- a/sync/gen_statemachine.ysl2	Mon May 06 19:53:26 2019 +0200
     1.2 +++ b/sync/gen_statemachine.ysl2	Tue May 07 17:57:04 2019 +0200
     1.3 @@ -656,7 +656,9 @@
     1.4                                  status = PEP_OUT_OF_MEMORY;
     1.5                                  goto the_end;
     1.6                              }
     1.7 -                            key_data_size = 1;
     1.8 +                            key_data_size = 1; // N.B. If null termination makes us happy for debugging, fine, but 
     1.9 +                                               // if we include this in the size, libetpan will null terminate and 
    1.10 +                                               // go bananas. We can't have a NUL in the mime text.
    1.11  
    1.12                              for (stringlist_t *sl = session->own_«yml:lcase(@name)»_state.own_keys;
    1.13                                      sl && sl->value ; sl = sl->next)
    1.14 @@ -711,7 +713,8 @@
    1.15  
    1.16                              // add secret key data as attachment
    1.17  
    1.18 -                            bloblist_t *bl = bloblist_add(_m->attachments, key_data, key_data_size,
    1.19 +                            // N.B. The -1 makes sure we do NOT add a NUL into the mime stream!
    1.20 +                            bloblist_t *bl = bloblist_add(_m->attachments, key_data, key_data_size - 1,
    1.21                                      "application/octet-stream", "file://own.key");
    1.22                              if (!bl) {
    1.23                                  free(_data);