forked from pool/shadow
30472fc2d8
Fix buffer overflow when calling useradd with --prefix See https://github.com/shadow-maint/shadow/pull/588 OBS-URL: https://build.opensuse.org/package/show/Base:System/shadow?expand=0&rev=127
26 lines
862 B
Diff
26 lines
862 B
Diff
From eaebea55a495a56317ed85e959b3599f73c6bdf2 Mon Sep 17 00:00:00 2001
|
|
From: David Michael <fedora.dm0@gmail.com>
|
|
Date: Sun, 23 Oct 2022 18:51:33 -0400
|
|
Subject: [PATCH] useradd: Fix buffer overflow when using a prefix
|
|
|
|
The buffer length did not count the string's trailing null byte.
|
|
|
|
Signed-off-by: David Michael <fedora.dm0@gmail.com>
|
|
---
|
|
src/useradd.c | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
diff --git a/src/useradd.c b/src/useradd.c
|
|
index 39a744ee0..7ea0a9c4d 100644
|
|
--- a/src/useradd.c
|
|
+++ b/src/useradd.c
|
|
@@ -2372,7 +2372,7 @@ static void create_mail (void)
|
|
if (NULL == spool) {
|
|
return;
|
|
}
|
|
- file = alloca (strlen (prefix) + strlen (spool) + strlen (user_name) + 2);
|
|
+ file = alloca (strlen (prefix) + strlen (spool) + strlen (user_name) + 3);
|
|
if (prefix[0])
|
|
sprintf (file, "%s/%s/%s", prefix, spool, user_name);
|
|
else
|