From d8a616a1f4f54c7f0b8fd0dc859ec78d54c754d5 Mon Sep 17 00:00:00 2001
From: Maarten de Waard <maarten@greenhost.nl>
Date: Thu, 13 Jul 2017 14:17:05 +0200
Subject: [PATCH] add null character to end of read string to prevent buffer
 overflows

---
 src/api/ssh_keys_post.c | 3 ---
 src/auxiliary.c         | 4 +++-
 2 files changed, 3 insertions(+), 4 deletions(-)

diff --git a/src/api/ssh_keys_post.c b/src/api/ssh_keys_post.c
index 06dcb72..90725ea 100644
--- a/src/api/ssh_keys_post.c
+++ b/src/api/ssh_keys_post.c
@@ -38,15 +38,12 @@ int callback_ssh_keys_post(const struct _u_request * request,
     ssh_key = json_string_value(json_object_get(json_input, "ssh-key"));
     if (ssh_key == NULL)
     {
-        // TODO: use janson's free function?
-        o_free(ssh_key);
         return send_simple_response(response, 400, "error", "missing ssh-key");
     }
 
     // Call cat to append the command correctly:
     char * command = NULL;
     asprintf(&command, "echo '%s' | sed -rf '%s'", ssh_key, RESTRICT_COMMAND_PATH);
-    o_free(ssh_key);
     FILE * sed_output = popen(command, "r");
 
     if (!sed_output)
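Review bot: `ssh_key` is taken from the request JSON and interpolated into a single-quoted shell string that `popen` executes, so a value containing a quote character is no longer confined to the `echo` argument; the commit leaves this command-injection risk in place. Validate the key before building the command, e.g. `if (ssh_key[strspn(ssh_key, KEY_CHARS)] != '\0') return send_simple_response(response, 400, "error", "invalid ssh-key");`, where `KEY_CHARS` is a placeholder allow-list and not an existing symbol. A more robust fix is to pass the key to `sed` on its stdin through a pipe with `fork`/`exec`, so no shell parses it. The return value of `asprintf` is also unchecked, so `command` is not guaranteed to be valid when it reaches `popen`. The function body starts and ends outside this hunk.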
diff --git a/src/auxiliary.c b/src/auxiliary.c
index 9729878..c7dddab 100644
--- a/src/auxiliary.c
+++ b/src/auxiliary.c
@@ -34,9 +34,11 @@ char * read_from_file(FILE * file)
                 str = temp;
             }
             strcpy(str + size - 1, buf);     // append buffer to str
-            size += strlength; 
+            size += strlength;
         }
         pclose(file);
+        temp = realloc(str, size + 1);
+        str[size] = '\0';
     }
     return str;
 }
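Review bot: The result of the added `realloc` is stored in `temp` but never assigned back to `str`, so `str[size] = '\0'` writes through the old pointer. If `realloc` moved the block, that write and the later `return str` are a use-after-free; if `realloc` failed, the write is not guaranteed to be inside the old allocation. If `str` can still be NULL here (presumably when nothing was read; the start of `read_from_file` is outside the hunk), it is a NULL dereference. Check and adopt the new pointer before writing: `temp = realloc(str, size + 1);`, `if (temp == NULL) { free(str); return NULL; }`, `str = temp; str[size] = '\0';`.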
-- 
GitLab