Forcefully end the decrypted data string with a null byte

Lest we have allocated a segment in non-nullbyted (yes, nullbyted) memory, and have garbage trailing off the end of the string.
rtyler · Jul 6, 2009 · 9f65db7 · 9f65db7
1 parent 612e112
commit 9f65db7
Showing 1 changed file with 3 additions and 1 deletion.
diff --git a/seccure/libseccure.c b/seccure/libseccure.c
@@ -389,10 +389,12 @@ ECC_Data ecc_decrypt(ECC_Data encrypted, ECC_KeyPair keypair, ECC_State state)
 	gcry_md_close(digest);
 
 	offset = offset - DEFAULT_MAC_LEN;
-	rc->data = (void *)(malloc(sizeof(char) * offset));
+	rc->data = (void *)(malloc(sizeof(char) * (offset + 1)));
 	rc->datalen = offset;
 	memcpy(rc->data, block, offset);
 
+	((char *)rc->data)[offset] = '\0';
+
 	bailout:
 		point_release(R);
 		free(R);