[487178] Obey mount_point when publishing wills.

Wills published by clients connected to a listener with mount_point defined
now correctly obey the mount point. This was a potential security risk
because it allowed clients to publish messages outside of their restricted
mount point. This is only affects brokers where the mount_point option is in
use.

Thanks to Lance Riley.

Bug: https://bugs.eclipse.org/bugs/show_bug.cgi?id=487178

ChangeLog.txt

@@ -1,4 +1,9 @@
 Broker:
+- Wills published by clients connected to a listener with mount_point defined
+ now correctly obey the mount point. This was a potential security risk
+ because it allowed clients to publish messages outside of their restricted
+ mount point. This is only affects brokers where the mount_point option is in
+ use. Closes #487178.
 - Fix detection of broken connections on Windows. Closes #485143.
 
 Client library:

src/read_handle_server.c

@@ -82,6 +82,7 @@ int mqtt3_handle_connect(struct mosquitto_db *db, struct mosquitto *context)
  uint8_t connect_ack = 0;
  char *client_id = NULL;
  char *will_payload = NULL, *will_topic = NULL;
+ char *will_topic_mount;
  uint16_t will_payloadlen;
  struct mosquitto_message *will_struct = NULL;
  uint8_t will, will_retain, will_qos, clean_session;
@@ -240,6 +241,21 @@ int mqtt3_handle_connect(struct mosquitto_db *db, struct mosquitto *context)
  rc = 1;
  goto handle_connect_error;
  }
+
+ if(context->listener && context->listener->mount_point){
+ slen = strlen(context->listener->mount_point) + strlen(will_topic);
+ will_topic_mount = _mosquitto_malloc(slen+1);
+ if(!will_topic_mount){
+ rc = MOSQ_ERR_NOMEM;
+ goto handle_connect_error;
+ }
+ snprintf(will_topic_mount, slen, "%s%s", context->listener->mount_point, will_topic);
+ will_topic_mount[slen] = '\0';
+
+ _mosquitto_free(will_topic);
+ will_topic = will_topic_mount;
+ }
+
  if(mosquitto_pub_topic_check(will_topic)){
  rc = 1;
  goto handle_connect_error;