$OpenBSD: patch-src_kit_kit-string_c,v 1.1 2009/10/15 21:51:54 ajacoutot Exp $

From FreeBSD via pkgsrc:

Fix a problem with PK's strndup() implementation assuming all strings
passed to it would be NUL-terminated.  This is known to fix crashes with
polkit-gnome-authorization and clock-applet.

--- src/kit/kit-string.c.orig	Fri May 30 23:24:44 2008
+++ src/kit/kit-string.c	Thu Oct 15 21:02:06 2009
@@ -123,13 +123,18 @@ static char
         if ( !s )
                 return NULL;
 
-        if ( strlen(s) > n )
-                nAvail = n + 1;
-        else
-                nAvail = strlen(s) + 1;
-        p = malloc ( nAvail );
+        if (memchr(s, '\0', n) != NULL) {
+                nAvail = strlen(s);
+                if ( nAvail > n )
+                        nAvail = n;
+        } else {
+                nAvail = n;
+        }
+        p = malloc ( nAvail + 1 );
+        if (p == NULL)
+                return NULL;
         memcpy ( p, s, nAvail );
-        p[nAvail - 1] = '\0';
+        p[nAvail] = '\0';
 
         return p;
 }
