More robust handling of GSSAPI error strings...

net/http/http_auth_gssapi_posix.cc

 // Copyright (c) 2010 The Chromium Authors. All rights reserved.
 // Use of this source code is governed by a BSD-style license that can be
 // found in the LICENSE file.
 
 #include "net/http/http_auth_gssapi_posix.h"
 
+#include <limits>
+
 #include "base/base64.h"
 #include "base/file_path.h"
 #include "base/logging.h"
 #include "base/singleton.h"
 #include "base/string_util.h"
 #include "net/base/net_errors.h"
 #include "net/base/net_util.h"
 
 namespace {
 
@@ skipping 184 matching lines @@
                           gssapi::OM_uint32 minor_status) {
   if (major_status == GSS_S_COMPLETE)
     return "OK";
   return StringPrintf("0x%08x 0x%08x", major_status, minor_status);
 }
 
 std::string DisplayCode(GSSAPILibrary* gssapi_lib,
                         gssapi::OM_uint32 status,
                         gssapi::OM_uint32 status_code_type) {
   const int kMaxDisplayIterations = 8;
+  const size_t kMaxMsgLength = 4096;
   // msg_ctx needs to be outside the loop because it is invoked multiple times.
   gssapi::OM_uint32 msg_ctx = 0;
   std::string rv = StringPrintf("(0x%08X)", status);
 
   // This loop should continue iterating until msg_ctx is 0 after the first
   // iteration. To be cautious and prevent an infinite loop, it stops after
-  // a finite number of iterations as well.
-  for (int i = 0; i < kMaxDisplayIterations; ++i) {
+  // a finite number of iterations as well. As an added sanity check, no
+  // individual message may exceed |kMaxMsgLength|, and the final result
+  // will not exceed |kMaxMsgLength|*2-1.
+  for (int i = 0; i < kMaxDisplayIterations && rv.size() < kMaxMsgLength;
+      ++i) {
     gssapi::OM_uint32 min_stat;

[wtc, 2010/06/12 00:25:33]

Andy, could you rename min_stat to minor_status and
maj_stat to major_status?  The Style Guide doesn't allow
this kind of abbreviation.  Thanks.

     gssapi::gss_buffer_desc_struct msg = GSS_C_EMPTY_BUFFER;
-    gssapi_lib->display_status(&min_stat, status, status_code_type,
-                               GSS_C_NULL_OID,
-                               &msg_ctx, &msg);
-    rv += StringPrintf(" %s", static_cast<char *>(msg.value));
+    gssapi::OM_uint32 maj_stat =
+        gssapi_lib->display_status(&min_stat, status, status_code_type,
+                                   GSS_C_NULL_OID, &msg_ctx, &msg);
+    if (maj_stat == GSS_S_COMPLETE) {
+      int msg_len = (msg.length > kMaxMsgLength) ?
+          static_cast<int>(kMaxMsgLength) :
+          static_cast<int>(msg.length);
+      if (msg_len > 0 && msg.value != NULL) {
+        rv += StringPrintf(" %.*s", msg_len,
+                           static_cast<char *>(msg.value));
+      }
+    }
     gssapi_lib->release_buffer(&min_stat, &msg);
     if (!msg_ctx)
       break;
   }
   return rv;
 }
 
 std::string DisplayExtendedStatus(GSSAPILibrary* gssapi_lib,
                                   gssapi::OM_uint32 major_status,
                                   gssapi::OM_uint32 minor_status) {
@@ skipping 210 matching lines @@
                                           major_status,
                                           minor_status);
     return ERR_UNEXPECTED;
   }
 
   return (major_status != GSS_S_COMPLETE) ? ERR_IO_PENDING : OK;
 }
 
 }  // namespace net