auth/credentials: Fix off-by-one buffer write

author Joseph Sutton <josephsutton@catalyst.net.nz>

Tue, 28 Feb 2023 03:55:06 +0000 (16:55 +1300)

committer Andrew Bartlett <abartlet@samba.org>

Fri, 3 Mar 2023 01:07:36 +0000 (01:07 +0000)
author Joseph Sutton <josephsutton@catalyst.net.nz>
Tue, 28 Feb 2023 03:55:06 +0000 (16:55 +1300)
committer Andrew Bartlett <abartlet@samba.org>
Fri, 3 Mar 2023 01:07:36 +0000 (01:07 +0000)
diff --git a/auth/credentials/credentials.c b/auth/credentials/credentials.c

index 67644e806e45646f6d4d1661a46bd48595c4271f..917b05a547a6af0f48e66536bca3a3ee940b7696 100644 (file)
--- a/auth/credentials/credentials.c
+++ b/auth/credentials/credentials.c
@@ -1556,7 +1556,7 @@ _PUBLIC_ bool cli_credentials_parse_password_fd(struct cli_credentials *credenti
         char pass[128];
  
         for(p = pass, *p = '\0'; /* ensure that pass is null-terminated */
-               p && p - pass < sizeof(pass);) {
+               p && p - pass < sizeof(pass) - 1;) {
                 switch (read(fd, p, 1)) {
                 case 1:
                         if (*p != '\n' && *p != '\0') {
author	Joseph Sutton <josephsutton@catalyst.net.nz>
	Tue, 28 Feb 2023 03:55:06 +0000 (16:55 +1300)
committer	Andrew Bartlett <abartlet@samba.org>
	Fri, 3 Mar 2023 01:07:36 +0000 (01:07 +0000)