agent: Do not place a trailing NUL byte on S-expressions

* agent/pkdecrypt.c (agent_pkdecrypt): Avoid appending a trailing NUL
byte at the end of the generated S-expression.

--

In many cases, a canonical S-expression may have an embedded NUL
anyway (especially if it contains raw cryptographic key material or
other high-entropy bytestrings), so trying to treat a canonical
S-expression as a C string is likely to be dangerous -- better to not
leave any such expectations.

With the previous commit addressing the otherwise brittle consumers of
pkdecrypt, this should now be safe to do.

GnuPG-bug-id: 4652
Signed-off-by: Daniel Kahn Gillmor <dkg@fifthhorseman.net>

agent/pkdecrypt.c

@@ -95,7 +95,7 @@ agent_pkdecrypt (ctrl_t ctrl, const char *desc_text,
 
       put_membuf_printf (outbuf, "(5:value%u:", (unsigned int)len);
       put_membuf (outbuf, buf, len);
-      put_membuf (outbuf, ")", 2);
+      put_membuf (outbuf, ")", 1);
     }
   else
     { /* No smartcard, but a private key */
@@ -130,7 +130,7 @@ agent_pkdecrypt (ctrl_t ctrl, const char *desc_text,
              part. Turn it into a complete S-expression. */
           put_membuf (outbuf, "(5:value", 8);
           put_membuf (outbuf, buf, len);
-          put_membuf (outbuf, ")", 2);
+          put_membuf (outbuf, ")", 1);
         }
     }