diff options
| author | David Michael <fedora.dm0@gmail.com> | 2022-10-23 18:51:33 -0400 |
|---|---|---|
| committer | Serge Hallyn <serge@hallyn.com> | 2022-10-24 16:15:13 -0500 |
| commit | eaebea55a495a56317ed85e959b3599f73c6bdf2 (patch) | |
| tree | 6813475b1fd47863bb64fc8313052c17882fba0d | |
| parent | 0336454503fb9b0fd6bce2690f8fa729186de252 (diff) | |
useradd: Fix buffer overflow when using a prefix
The buffer length did not count the string's trailing null byte.
Signed-off-by: David Michael <fedora.dm0@gmail.com>
| -rw-r--r-- | src/useradd.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/useradd.c b/src/useradd.c index 39a744ee..7ea0a9c4 100644 --- a/src/useradd.c +++ b/src/useradd.c @@ -2372,7 +2372,7 @@ static void create_mail (void) if (NULL == spool) { return; } - file = alloca (strlen (prefix) + strlen (spool) + strlen (user_name) + 2); + file = alloca (strlen (prefix) + strlen (spool) + strlen (user_name) + 3); if (prefix[0]) sprintf (file, "%s/%s/%s", prefix, spool, user_name); else |