From: Amos Jeffries <squid3@treenet.co.nz>
Date: Mon, 7 Sep 2015 10:24:31 +0000 (-0700)
Subject: negotiate_kerberos_auth: producing empty group= kv-pairs
X-Git-Tag: SQUID_4_0_1~69
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=786ee90ab2bcfc57cbd135a3f5e0f887d9e2bb78;p=thirdparty%2Fsquid.git

negotiate_kerberos_auth: producing empty group= kv-pairs
---

diff --git a/helpers/negotiate_auth/kerberos/negotiate_kerberos_pac.cc b/helpers/negotiate_auth/kerberos/negotiate_kerberos_pac.cc
index f4860faef9..04d8ce6a16 100644
--- a/helpers/negotiate_auth/kerberos/negotiate_kerberos_pac.cc
+++ b/helpers/negotiate_auth/kerberos/negotiate_kerberos_pac.cc
@@ -237,10 +237,11 @@ getdomaingids(char *ad_groups, uint32_t DomainLogonId, char **Rids, uint32_t Gro
             }
             struct base64_encode_ctx ctx;
             base64_encode_init(&ctx);
-            uint8_t *b64buf = (uint8_t *)xcalloc(base64_encode_len(length+4)*sizeof(uint8_t),1);
+            const uint32_t expectedSz = base64_encode_len(length+4) +1 /* terminator */;
+            uint8_t *b64buf = (uint8_t *)xcalloc(expectedSz, 1);
             size_t blen = base64_encode_update(&ctx, b64buf, length+4, reinterpret_cast<uint8_t*>(ag));
             blen += base64_encode_final(&ctx, b64buf+blen);
-            b64buf[sizeof(*b64buf)-1] = '\0';
+            b64buf[expectedSz-1] = '\0';
             if (!pstrcat(ad_groups, reinterpret_cast<char*>(b64buf))) {
                 debug((char *) "%s| %s: WARN: Too many groups ! size > %d : %s\n",
                       LogTime(), PROGRAM, MAX_PAC_GROUP_SIZE, ad_groups);
@@ -318,10 +319,11 @@ getextrasids(char *ad_groups, uint32_t ExtraSids, uint32_t SidCount)
 
                 struct base64_encode_ctx ctx;
                 base64_encode_init(&ctx);
-                uint8_t *b64buf = (uint8_t *)xcalloc(base64_encode_len(length)*sizeof(uint8_t),1);
+                const uint32_t expectedSz = base64_encode_len(length) +1 /* terminator */;
+                uint8_t *b64buf = (uint8_t *)xcalloc(expectedSz, 1);
                 size_t blen = base64_encode_update(&ctx, b64buf, length, reinterpret_cast<uint8_t*>(ag));
                 blen += base64_encode_final(&ctx, b64buf+blen);
-                b64buf[sizeof(*b64buf)-1] = '\0';
+                b64buf[expectedSz-1] = '\0';
                 if (!pstrcat(ad_groups, reinterpret_cast<char*>(b64buf))) {
                     debug((char *) "%s| %s: WARN: Too many groups ! size > %d : %s\n",
                           LogTime(), PROGRAM, MAX_PAC_GROUP_SIZE, ad_groups);