krb5 commit [krb5-1.9]: Ensure null termination of AFS salts

[Tom Yu]

https://github.com/krb5/krb5/commit/af1796a13c0c2878f09c3ea3dc0ae1727e324f1f
commit af1796a13c0c2878f09c3ea3dc0ae1727e324f1f
Author: Greg Hudson <ghudson at mit.edu>
Date:   Fri Apr 27 17:04:24 2012 +0000

    Ensure null termination of AFS salts
    
    Use krb5int_copy_data_contents_add0 when copying a pa-pw-salt or
    pa-afs3-salt value in pa_salt().  If it's an afs3-salt, we're going to
    throw away the length and use strcspn in krb5int_des_string_to_key,
    which isn't safe if the value is unterminated.
    
    (cherry picked from commit f566fee75f2455d6e5e7ee4fcdf5a0d327808639)
    
    ticket: 7611 (new)
    version_fixed: 1.9.5
    status: resolved

 src/lib/krb5/krb/preauth2.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/src/lib/krb5/krb/preauth2.c b/src/lib/krb5/krb/preauth2.c
index f4896eb..4f582da 100644
--- a/src/lib/krb5/krb/preauth2.c
+++ b/src/lib/krb5/krb/preauth2.c
@@ -608,7 +608,7 @@ pa_salt(krb5_context context, krb5_kdc_req *request, krb5_pa_data *in_padata,
 
     tmp = padata2data(*in_padata);
     krb5_free_data_contents(context, salt);
-    retval = krb5int_copy_data_contents(context, &tmp, salt);
+    retval = krb5int_copy_data_contents_add0(context, &tmp, salt);
     if (retval)
         return retval;