rgw/kms/vault - 0 terminate before rapidjson

bufferlist c_str() doesn't guarantee a trailing nul, which is req'd
by rapidjson.  So, append a nul to make that guarantee explicit.

Also, add an optional "virtual" so unit test logic can override
send_request().

Fixes: http://tracker.ceph.com/issues/48746
Signed-off-by: Marcus Watts <mwatts@redhat.com>

diff --git a/src/rgw/rgw_kms.cc b/src/rgw/rgw_kms.cc
index a249deda782a468ced4165214a187855def38944..8542d483d48270de4e39ec2247b56bb04f5e295b 100644 (file)
--- a/src/rgw/rgw_kms.cc
+++ b/src/rgw/rgw_kms.cc
@@ -24,6 +24,9 @@
 
 using namespace rgw;
 
+#ifndef FORTEST_VIRTUAL
+#define  FORTEST_VIRTUAL       /**/
+#endif
 
 /**
  * Memory pool for use with rapidjson.  This version
@@ -204,6 +207,7 @@ protected:
     return res;
   }
 
+  FORTEST_VIRTUAL
   int send_request(const char *method, std::string_view infix,
     std::string_view key_id,
     const std::string& postdata,
@@ -366,6 +370,7 @@ public:
 
     ldout(cct, 20) << "Parse response into JSON Object" << dendl;
 
+    secret_bl.append('\0');
     rapidjson::StringStream isw(secret_bl.c_str());
     d.ParseStream<>(isw);
 
@@ -435,6 +440,7 @@ public:
 
     ldout(cct, 20) << "Parse response into JSON Object" << dendl;
 
+    secret_bl.append('\0');
     rapidjson::StringStream isw(secret_bl.c_str());
     d.SetNull();
     d.ParseStream<>(isw);
@@ -518,6 +524,7 @@ public:
 
     ldout(cct, 20) << "Parse response into JSON Object" << dendl;
 
+    secret_bl.append('\0');
     rapidjson::StringStream isw(secret_bl.c_str());
     d.SetNull();
     d.ParseStream<>(isw);
@@ -578,6 +585,7 @@ public:
 
     ldout(cct, 20) << "Parse response into JSON Object" << dendl;
 
+    secret_bl.append('\0');
     rapidjson::StringStream isw(secret_bl.c_str());
     d.ParseStream<>(isw);