From: Marcin Siodelski <marcin@isc.org>
Date: Thu, 22 Aug 2019 18:40:27 +0000 (+0200)
Subject: [#851,!24-p] Make sure that string is null terminated after strncpy.
X-Git-Tag: Kea-1.6.0~16
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=a877be126bbae3adb20605e8a8f005343e0d7f15;p=thirdparty%2Fkea.git

[#851,!24-p] Make sure that string is null terminated after strncpy.
---

diff --git a/src/lib/dhcpsrv/mysql_host_data_source.cc b/src/lib/dhcpsrv/mysql_host_data_source.cc
index 7963213e79..4eddbdc68d 100644
--- a/src/lib/dhcpsrv/mysql_host_data_source.cc
+++ b/src/lib/dhcpsrv/mysql_host_data_source.cc
@@ -119,6 +119,7 @@ public:
         memset(user_context_, 0, sizeof(user_context_));
         memset(dhcp4_server_hostname_, 0, sizeof(dhcp4_server_hostname_));
         memset(dhcp4_boot_file_name_, 0, sizeof(dhcp4_boot_file_name_));
+        memset(auth_key_, 0, sizeof(auth_key_));
 
         // Set the column names for use by this class. This only comprises
         // names used by the MySqlHostExchange class. Derived classes will
diff --git a/src/lib/util/io/socketsession.cc b/src/lib/util/io/socketsession.cc
index c19ab450f1..ff51debc8d 100644
--- a/src/lib/util/io/socketsession.cc
+++ b/src/lib/util/io/socketsession.cc
@@ -102,6 +102,7 @@ SocketSessionForwarder::SocketSessionForwarder(const std::string& unix_file) :
     // the copy should be safe due to the above check, but we'd be rather
     // paranoid about making it 100% sure even if the check has a bug (with
     // triggering the assertion in the worse case)
+    memset(&impl.sock_un_.sun_path, 0, sizeof(impl.sock_un_.sun_path));
     strncpy(impl.sock_un_.sun_path, unix_file.c_str(),
             sizeof(impl.sock_un_.sun_path) - 1);
     assert(impl.sock_un_.sun_path[sizeof(impl.sock_un_.sun_path) - 1] == '\0');