store: Fix potential over-reads in 'import-paths'.

Previously 'process-stderr' would always pass a bytevector of MAX-LEN to
then daemon in the %stderr-read case (i.e., 'import-paths'), instead of
LEN (where LEN <= MAX-LEN).

In practice the extra bytes didn't cause a protocol violation or
anything because they happen at the end of the stream, which typically
contains the canonical sexp of the signature, and the extra zeros were
just ignored.

* guix/serialization.scm (write-bytevector): Add optional 'l' parameter
and honor it.
* guix/store.scm (process-stderr): Pass LEN to 'write-bytevector'.

guix/serialization.scm

@@ -1,5 +1,5 @@
 ;;; GNU Guix --- Functional package management for GNU
-;;; Copyright © 2012, 2013, 2014, 2015, 2016, 2017 Ludovic Courtès <ludo@gnu.org>
+;;; Copyright © 2012, 2013, 2014, 2015, 2016, 2017, 2018 Ludovic Courtès <ludo@gnu.org>
 ;;;
 ;;; This file is part of GNU Guix.
 ;;;
@@ -102,9 +102,9 @@
         (or (zero? m)
             (put-bytevector p zero 0 (- 8 m)))))))
 
-(define (write-bytevector s p)
+(define* (write-bytevector s p
-  (let* ((l (bytevector-length s))
+                           #:optional (l (bytevector-length s)))
-         (m (modulo l 8))
+  (let* ((m (modulo l 8))
          (b (make-bytevector (+ 8 l (if (zero? m) 0 (- 8 m))))))
     (bytevector-u32-set! b 0 l (endianness little))
     (bytevector-copy! s 0 b 8 l)

guix/store.scm

@@ -609,7 +609,7 @@ encoding conversion errors."
            (let* ((max-len (read-int p))
                   (data    (make-bytevector max-len))
                   (len     (get-bytevector-n! user-port data 0 max-len)))
-             (write-bytevector data p)
+             (write-bytevector data p len)
              #f))
           ((= k %stderr-next)
            ;; Log a string.  Build logs are usually UTF-8-encoded, but they