IOT-1812: OICStrcpy is not safe with OICMalloc if the string can be empty

OICMalloc does not zero the memory allocated, and OICStrcpy does not
initialize the destination buffer if the source strlen is 0. Indeed
this seems to be by design, as the StringTests.StrcpyZeroSource
explicitly verifies that it does not initialize the destination buffer.
As a result, OICMalloc + OICStrcpy can result in uninitialized memory
(in a 1 byte buffer) that results in subsequently reading past the end
of the buffer, which can cause a crash.

Several security code paths are susceptible to this bug, which is
easy to reproduce with Application Verifier.

Change-Id: I6a3e2840c310d15a52656bf309ac9995de813683
Signed-off-by: Dave Thaler <dthaler@microsoft.com>
Reviewed-on: https://gerrit.iotivity.org/gerrit/17177
Tested-by: jenkins-iotivity <jenkins@iotivity.org>
Reviewed-by: Dan Mihai <Daniel.Mihai@microsoft.com>
Reviewed-by: Kevin Kane <kkane@microsoft.com>
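
The failure mode described in the commit message, as an added C example that is not code from the IoTivity tree or from this change. The demo_* functions are hypothetical stand-ins that only mimic the described behaviour, the strlen + 1 allocation pattern is an assumption about the callers, and the 0xAA fill makes the "uninitialized" byte deterministic.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical non-zeroing allocator: fills the block with 0xAA so the
 * stale contents are deterministic instead of undefined. */
static char *demo_malloc(size_t n) {
    char *p = malloc(n);
    if (p) memset(p, 0xAA, n);
    return p;
}

/* Hypothetical copy with the behaviour the commit message describes:
 * a zero-length source leaves the destination untouched. */
static void demo_copy_skip_empty(char *dst, size_t size, const char *src) {
    size_t len = strlen(src);
    if (size == 0 || len == 0) return;      /* no terminator written */
    if (len >= size) len = size - 1;
    memcpy(dst, src, len);
    dst[len] = '\0';
}

/* One possible mitigation (an assumption, not necessarily what this
 * change does): always terminate, even for an empty source. */
static void demo_copy_always_terminate(char *dst, size_t size, const char *src) {
    if (size == 0) return;
    size_t len = strlen(src);
    if (len >= size) len = size - 1;
    memcpy(dst, src, len);
    dst[len] = '\0';
}

typedef void (*copy_fn)(char *, size_t, const char *);

/* Allocate strlen(src) + 1 bytes, copy, then do a bounded search for a
 * terminator. Returns 1 if the buffer is safe to pass to strlen or
 * printf, 0 if a later read would run past its end, -1 on OOM. */
static int dup_is_terminated(copy_fn copy, const char *src) {
    size_t size = strlen(src) + 1;
    char *buf = demo_malloc(size);
    if (!buf) return -1;
    copy(buf, size, src);
    int ok = memchr(buf, '\0', size) != NULL;
    free(buf);
    return ok;
}

int main(void) {
    printf("skip-empty copy, \"\":       %d\n", dup_is_terminated(demo_copy_skip_empty, ""));
    printf("always-terminate copy, \"\": %d\n", dup_is_terminated(demo_copy_always_terminate, ""));
    return 0;
}
```

The bounded memchr check is what makes the demo safe to run; calling strlen on the unterminated 1-byte buffer is the out-of-bounds read the commit message refers to.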