Do not truncate pass-phrases without a newline character

This also fixes a crash when the pass-phrase entered is empty.

Originally submitted on tech-pkg@ as:
[PATCH 02/11] Do not truncate pass-phrases without a newline character

Only modified for consistency with the coding style; as also applied in
NetBSD's src repository.

Tested on NetBSD/amd64.

1 files changed, 26 insertions, 0 deletions

diff --git a/security/netpgp/patches/patch-src_lib_reader.c b/security/netpgp/patches/patch-src_lib_reader.c
new file mode 100644
index 00000000000..8be51eeda12
--- /dev/null
+++ b/security/netpgp/patches/patch-src_lib_reader.c
@@ -0,0 +1,26 @@
+$NetBSD: patch-src_lib_reader.c,v 1.1 2018/03/15 19:51:08 khorben Exp $
+
+Do not truncate pass-phrases without a newline character.
+
+--- src/lib/reader.c.orig	2012-03-05 02:20:18.000000000 +0000
++++ src/lib/reader.c
+@@ -160,6 +160,7 @@ int
+ pgp_getpassphrase(void *in, char *phrase, size_t size)
+ {
+ 	char	*p;
++	size_t	 len;
+ 
+ 	if (in == NULL) {
+ 		while ((p = getpass("netpgp passphrase: ")) == NULL) {
+@@ -169,7 +170,10 @@ pgp_getpassphrase(void *in, char *phrase
+ 		if (fgets(phrase, (int)size, in) == NULL) {
+ 			return 0;
+ 		}
+-		phrase[strlen(phrase) - 1] = 0x0;
++		len = strlen(phrase);
++		if (len >= 1 && phrase[len - 1] == '\n') {
++			phrase[len - 1] = '\0';
++		}
+ 	}
+ 	return 1;
+ }