Merge branch 'maint-0.3.3' into maint-0.3.4

changes/bug27740

@@ -0,0 +1,4 @@
+  o Minor bugfixes (rust):
+    - Return a string that can be safely freed by C code, not one created by
+      the rust allocator, in protover_all_supported(). Fixes bug 27740; bugfix
+      on 0.3.3.1-alpha.

changes/bug27804

@@ -0,0 +1,3 @@
+  o Minor bugfixes (rust):
+    - Fix a potential null dereference in protover_all_supported().
+      Add a test for it. Fixes bug 27804; bugfix on 0.3.3.1-alpha.

src/rust/protover/ffi.rs

@@ -65,12 +65,10 @@ pub extern "C" fn protover_all_supported(
 
     if maybe_unsupported.is_some() {
         let unsupported: UnvalidatedProtoEntry = maybe_unsupported.unwrap();
-        let c_unsupported: CString = match CString::new(unsupported.to_string()) {
-            Ok(n) => n,
-            Err(_) => return 1,
-        };
-
-        let ptr = c_unsupported.into_raw();
+        if missing_out.is_null() {
+            return 0;
+        }
+        let ptr = allocate_and_copy_string(&unsupported.to_string());
         unsafe { *missing_out = ptr };
 
         return 0;

src/test/test_protover.c

@@ -259,6 +259,7 @@ test_protover_all_supported(void *arg)
   tt_ptr_op(msg, OP_EQ, NULL);
 
   // Some things we don't support
+  tt_assert(! protover_all_supported("Wombat=9", NULL));
   tt_assert(! protover_all_supported("Wombat=9", &msg));
   tt_str_op(msg, OP_EQ, "Wombat=9");
   tor_free(msg);