blob: 5911f2d397786d84c13328dc06df1cb1a97e2960 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
|
[PATCH] Fix #163: unterminated username used with getpwnam()
Signed-off-by: Joachim Wiberg <troglobit@gmail.com>
---
src/confuse.c | 10 ++++++----
1 file changed, 6 insertions(+), 4 deletions(-)
diff --git a/src/confuse.c b/src/confuse.c
index ce4fca8..060fae2 100644
--- a/src/confuse.c
+++ b/src/confuse.c
@@ -1863,18 +1863,20 @@ DLLIMPORT char *cfg_tilde_expand(const char *filename)
passwd = getpwuid(geteuid());
file = filename + 1;
} else {
- /* ~user or ~user/path */
- char *user;
+ char *user; /* ~user or ~user/path */
+ size_t len;
file = strchr(filename, '/');
if (file == 0)
file = filename + strlen(filename);
- user = malloc(file - filename);
+ len = file - filename - 1;
+ user = malloc(len + 1);
if (!user)
return NULL;
- strncpy(user, filename + 1, file - filename - 1);
+ strncpy(user, &filename[1], len);
+ user[len] = 0;
passwd = getpwnam(user);
free(user);
}
--
2.48.1
|
