emo/shadow
1
0
Fork 0
Code Issues Pull Requests Packages Releases Activity

useradd: Fix buffer overflow when using a prefix

Browse Source 
The buffer length did not count the string's trailing null byte.

Signed-off-by: David Michael <fedora.dm0@gmail.com>
This commit is contained in:
David Michael 2022-10-23 18:51:33 -04:00 committed by Serge Hallyn
parent 0336454503
commit eaebea55a4
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/useradd.c
View File

@ -2372,7 +2372,7 @@ static void create_mail (void)
if (NULL == spool) { if (NULL == spool) {
return; return;
} }
file = alloca (strlen (prefix) + strlen (spool) + strlen (user_name) + 2); file = alloca (strlen (prefix) + strlen (spool) + strlen (user_name) + 3);
if (prefix[0]) if (prefix[0])
sprintf (file, "%s/%s/%s", prefix, spool, user_name); sprintf (file, "%s/%s/%s", prefix, spool, user_name);
else else