From 6d7b4382c3e12ba1dbbd0762dfa850c76750d838 Mon Sep 17 00:00:00 2001
From: Andre Heinecke <aheinecke@intevation.de>
Date: Wed, 18 Jul 2018 13:06:08 +0200
Subject: [PATCH] json: Ensure that native msging request is string

* src/gpgme-json.c (native_messaging_repl): Ensure that the
request is NULL terminated.

--
This avoids potential memory leaks and access to unmapped memory
in case the request was not terminated.
Other request functions use es_read_line which gurantees NULL
termination.
---
 src/gpgme-json.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/gpgme-json.c b/src/gpgme-json.c
index edd3d32e..74ca2b6e 100644
--- a/src/gpgme-json.c
+++ b/src/gpgme-json.c
@@ -3601,7 +3601,7 @@ native_messaging_repl (void)
         }
 
       /* Read request.  */
-      request = xtrymalloc (nrequest);
+      request = xtrymalloc (nrequest + 1);
       if (!request)
         {
           err = gpg_error_from_syserror ();
@@ -3626,6 +3626,7 @@ native_messaging_repl (void)
         }
       else /* Process request  */
         {
+          request[n] = '\0'; /* Esnure that request has an end */
           if (opt_debug)
             log_debug ("request='%s'\n", request);
           xfree (response);