Serious memory bugs parsing provider file about c_otp HOT 2 CLOSED

In addition, strlen of these unterminated strings is used as a length argument to memcpy, resulting in buffer overflows.

from c_otp.

Hi,
first, thanks for opening this issue and you're right, that's a te|ho(rrible) bug.
I already started working on it and fixing the evident memory leak(s) you
mentioned.
I have to admit I found several memory leaks and I tried to fix everything
with the next change, trying to avoid abusing about heap and variables
allocation and simplifying the code base as well.

In the next patch I'm going to submit you will find several fixes and some
enhancement like:

1. file descriptor not closed;
2. memory not properly freed, rework of split_str function;
3. use of signal handling to properly free the in-used memory when -s opt
   is passed and SIGINT is received
4. printing function enhancement to support the very basic json like output
   (and properly document it)

The issue of split_str was already fixed in the gpg branch, but tbh I had no
time to finish it, test and think about merging that feature in master; then,
master wasn't stable enough and the issue you've found is a great example
of that.

Something about testing

Here [1] a simple output related to some testing performed after producing
the fixes described above (run with the following command):

>> valgrind  -s --tool=memcheck --leak-check=full --leak-resolution=high \
    --show-leak-kinds=all --show-reachable=yes ./c_otp -f providerrc.sample -m 1 -s

Feel free to take a look, comment or chime in (and drive me) if you have ideas to optimize the code base of produce fixes for both style or features.

And again, thanks a lot for pointing me out to this bug.

[1] https://pastebin.com/DpKQiVEF

from c_otp.