diff options
author | Russ Allbery <rra@debian.org> | 2013-12-07 18:32:55 -0800 |
---|---|---|
committer | Russ Allbery <rra@debian.org> | 2019-02-18 18:58:27 -0800 |
commit | c9468eb792bb1cac48872689e10e9c7c4cd560bc (patch) | |
tree | ae3be4415b492e17dcea30faf985c0ba2ad36aa1 | |
parent | 4ed1de1f45bc6926279430d75f3f3de8f33754e8 (diff) |
Fix buffer allocation buffer for fail message
The failure log message when the user isn't permitted to run the
command they're attempting includes a summary of the commands the
user is allowed to run. The allocation for that string was not
reserving space for the nul byte at the end of the string, causing
a one-byte overwrite past the end of the string.
Gbp-Pq: Name 0003-Fix-buffer-allocation-buffer-for-fail-message.patch
-rw-r--r-- | util.c | 2 |
1 files changed, 1 insertions, 1 deletions
@@ -84,7 +84,7 @@ void fail( int flags, int argc, char **argv ) /* create msg indicating what is allowed */ if ( !size ) cmd = "This user is locked out."; else { - size += 18; + size += 18 + 1; if ( !(cmd = (char *)malloc(size)) ){ log_msg("fatal error: out of mem allocating log msg"); exit(1); |