[PATCH 4/6] cstp: AC_PKT_DISCONN payload length can be 0
Kevin Cernekee
cernekee at gmail.com
Sun Feb 8 14:20:39 PST 2015
Terminating ocserv while a connection is active can cause uninitialized
data to be printed to the terminal:

    Established DTLS connection (using GnuTLS). Ciphersuite (DTLS1.2)-(RSA)-(AES-128-GCM).
    Received server disconnect: 00 '<bunch of junk chars>'
    Send BYE packet: Server request
    Session terminated by server; exiting.

If we get an AC_PKT_DISCONN message with no payload, just skip printing
the disconnect reason.

Signed-off-by: Kevin Cernekee <cernekee at gmail.com>
---
cstp.c | 18 +++++++++++-------
1 file changed, 11 insertions(+), 7 deletions(-)
diff --git a/cstp.c b/cstp.c
index 99fdbd0fa62c..9004370d813e 100644
--- a/cstp.c
+++ b/cstp.c
@@ -871,14 +871,18 @@ int cstp_mainloop(struct openconnect_info *vpninfo, int *timeout)
case AC_PKT_DISCONN: {
int i;
- for (i = 1; i < payload_len; i++) {
- if (!isprint(vpninfo->cstp_pkt->data[i]))
- vpninfo->cstp_pkt->data[i] = '.';
+ if (payload_len >= 2) {
+ for (i = 1; i < payload_len; i++) {
+ if (!isprint(vpninfo->cstp_pkt->data[i]))
+ vpninfo->cstp_pkt->data[i] = '.';
+ }
+ vpninfo->cstp_pkt->data[payload_len] = 0;
+ vpn_progress(vpninfo, PRG_ERR,
+ _("Received server disconnect: %02x '%s'\n"),
+ vpninfo->cstp_pkt->data[0], vpninfo->cstp_pkt->data + 1);
+ } else {
+ vpn_progress(vpninfo, PRG_ERR, _("Received server disconnect\n"));
}
- vpninfo->cstp_pkt->data[payload_len] = 0;
- vpn_progress(vpninfo, PRG_ERR,
- _("Received server disconnect: %02x '%s'\n"),
- vpninfo->cstp_pkt->data[0], vpninfo->cstp_pkt->data + 1);
vpninfo->quit_reason = "Server request";
return -EPIPE;
}
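Review bot: The "payload_len >= 2" test sends a one-byte payload down the else branch, so an AC_PKT_DISCONN packet that carries only the reason code in data[0] is logged as plain "Received server disconnect" and the code is lost. Consider handling payload_len == 1 on its own and printing data[0] with %02x there, keeping the message without a reason for payload_len == 0 only. Separately, "vpninfo->cstp_pkt->data[payload_len] = 0;" writes one byte past the received payload; the hunk does not show how large the packet buffer is, so it is worth confirming, or noting in a comment, that there is always room for that terminator when payload_len is at its maximum.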
--
2.2.2