File _service:obs_scm:backport-Fix-out-of-bounds-reading-of-v4-READLINK-results.patch of Package libnfs
From 1918e4d3cb458131e51f1ecdbdd8ac6b2f85214b Mon Sep 17 00:00:00 2001 From: QRPp <awesome.walrus+github@gmail.com> Date: Mon, 8 Jan 2024 06:08:54 +0000 Subject: [PATCH] Fix out-of-bounds reading of v4 READLINK results `nfs4_readlink_cb()`, part of `nfs_readlink_async()` and indirectly `nfs_readlink()` & `nfs_readlink2()`, presumes the results of v4 READLINK ops to be always NUL-terminated. That isn't guaranteed, and is rarely the case at least when a result needs no NUL-padding on the wire toward a typically (or always?) four byte multiple: the next RAM byte can be NUL only coincidentally. Under these conditions, memory is read beyond the end of the op result, at the very least corrupting the result returned to the caller, or even crashing, given no NUL byte in all the remainder of the corresponding memory area. (Closes #338 by @ma-rom.) --- lib/nfs_v4.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/lib/nfs_v4.c b/lib/nfs_v4.c index 2e0499e3..d6e3ee6f 100644 --- a/lib/nfs_v4.c +++ b/lib/nfs_v4.c @@ -2902,7 +2902,8 @@ nfs4_readlink_cb(struct rpc_context *rpc, int status, void *command_data, rlresok = &res->resarray.resarray_val[i].nfs_resop4_u.opreadlink.READLINK4res_u.resok4; - target = strdup(rlresok->link.utf8string_val); + target = strndup(rlresok->link.utf8string_val, + rlresok->link.utf8string_len); if (target == NULL) { data->cb(-ENOMEM, nfs, "Failed to allocate memory", data->private_data);
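Review bot: The `strndup()` call in `nfs4_readlink_cb()` bounds the read by `utf8string_len`, but it still stops at the first NUL byte inside that length, so a link value containing an embedded NUL is silently truncated and the caller cannot tell. Consider testing `memchr(rlresok->link.utf8string_val, 0, rlresok->link.utf8string_len)` before the copy and failing the callback when it matches, or state in a comment that truncation is accepted. A one-line comment above the call noting that the op result is not guaranteed to be NUL-terminated would also keep a later cleanup from reverting it to `strdup()`. It is worth confirming as well that a zero-length result cannot leave `utf8string_val` NULL, since the hunk passes the pointer to `strndup()` unchecked.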