From dd83ac0db310f2c33480118d1397453e0dfb6bc0 Mon Sep 17 00:00:00 2001
From: Stef Walter <stefw@gnome.org>
Date: Sun, 25 Mar 2012 12:17:03 +0200
Subject: [PATCH] Only copy the correct amount of bytes from SecretValue

 * When transferring to a null-terminated password
---
 egg/egg-secure-memory.c | 22 ++++++++++++++++++++++
 egg/egg-secure-memory.h |  5 +++++
 library/secret-value.c  |  8 ++++----
 3 files changed, 31 insertions(+), 4 deletions(-)

diff --git a/egg/egg-secure-memory.c b/egg/egg-secure-memory.c
index dca9bac..b082779 100644
--- a/egg/egg-secure-memory.c
+++ b/egg/egg-secure-memory.c
@@ -1317,6 +1317,28 @@ egg_secure_strdup_full (const char *tag,
 	return res;
 }
 
+char *
+egg_secure_strndup_full (const char *tag,
+                         const char *str,
+                         size_t length,
+                         int options)
+{
+	size_t len;
+	char *res;
+	const char *end;
+
+	if (!str)
+		return NULL;
+
+	end = memchr (str, '\0', length);
+	if (end != NULL)
+		length = (end - str);
+	len = length + 1;
+	res = (char *)egg_secure_alloc_full (tag, len, options);
+	memcpy (res, str, len);
+	return res;
+}
+
 void
 egg_secure_clear (void *p, size_t length)
 {
diff --git a/egg/egg-secure-memory.h b/egg/egg-secure-memory.h
index 682811d..d181349 100644
--- a/egg/egg-secure-memory.h
+++ b/egg/egg-secure-memory.h
@@ -81,6 +81,9 @@ extern void*  egg_memory_fallback (void *p, size_t length);
 	} \
 	static inline void* egg_secure_strdup (const char *str) { \
 		return egg_secure_strdup_full (G_STRINGIFY (tag), str, EGG_SECURE_USE_FALLBACK); \
+	} \
+	static inline void* egg_secure_strndup (const char *str, size_t length) { \
+		return egg_secure_strndup_full (G_STRINGIFY (tag), str, length, EGG_SECURE_USE_FALLBACK); \
 	}
 
 void*  egg_secure_alloc_full   (const char *tag, size_t length, int options);
@@ -99,6 +102,8 @@ void   egg_secure_validate     (void);
 
 char*  egg_secure_strdup_full  (const char *tag, const char *str, int options);
 
+char*  egg_secure_strndup_full (const char *tag, const char *str, size_t length, int options);
+
 void   egg_secure_strclear     (char *str);
 
 void   egg_secure_strfree      (char *str);
diff --git a/library/secret-value.c b/library/secret-value.c
index b0aa293..959e4d3 100644
--- a/library/secret-value.c
+++ b/library/secret-value.c
@@ -237,7 +237,7 @@ _secret_value_unref_to_password (SecretValue *value)
 			result = val->secret;
 
 		} else {
-			result = egg_secure_strdup (val->secret);
+			result = egg_secure_strndup (val->secret, val->length);
 			if (val->destroy)
 				(val->destroy) (val->secret);
 		}
@@ -245,7 +245,7 @@ _secret_value_unref_to_password (SecretValue *value)
 		g_slice_free (SecretValue, val);
 
 	} else {
-		result = egg_secure_strdup (val->secret);
+		result = egg_secure_strndup (val->secret, val->length);
 	}
 
 	return result;
@@ -269,7 +269,7 @@ _secret_value_unref_to_string (SecretValue *value)
 			result = val->secret;
 
 		} else {
-			result = g_strdup (val->secret);
+			result = g_strndup (val->secret, val->length);
 			if (val->destroy)
 				(val->destroy) (val->secret);
 		}
@@ -277,7 +277,7 @@ _secret_value_unref_to_string (SecretValue *value)
 		g_slice_free (SecretValue, val);
 
 	} else {
-		result = g_strdup (val->secret);
+		result = g_strndup (val->secret, val->length);
 	}
 
 	return result;
-- 
2.7.4