1From d73777c2c3566fb2647727bb56d9a2295b81669b Mon Sep 17 00:00:00 2001 2From: Joachim Wiberg <troglobit@gmail.com> 3Date: Fri, 2 Sep 2022 16:12:46 +0200 4Subject: [PATCH] Fix #163: unterminated username used with getpwnam() 5 6Signed-off-by: Joachim Wiberg <troglobit@gmail.com> 7 8[Retrieved (and backported) from: 9https://github.com/libconfuse/libconfuse/commit/d73777c2c3566fb2647727bb56d9a2295b81669b] 10Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com> 11--- 12 src/confuse.c | 10 ++++++---- 13 1 file changed, 6 insertions(+), 4 deletions(-) 14 15diff --git a/src/confuse.c b/src/confuse.c 16index 6d1fdbd..05566b5 100644 17--- a/src/confuse.c 18+++ b/src/confuse.c 19@@ -1894,18 +1894,20 @@ DLLIMPORT char *cfg_tilde_expand(const char *filename) 20 passwd = getpwuid(geteuid()); 21 file = filename + 1; 22 } else { 23- /* ~user or ~user/path */ 24- char *user; 25+ char *user; /* ~user or ~user/path */ 26+ size_t len; 27 28 file = strchr(filename, '/'); 29 if (file == 0) 30 file = filename + strlen(filename); 31 32- user = malloc(file - filename); 33+ len = file - filename - 1; 34+ user = malloc(len + 1); 35 if (!user) 36 return NULL; 37 38- strncpy(user, filename + 1, file - filename - 1); 39+ strncpy(user, &filename[1], len); 40+ user[len] = 0; 41 passwd = getpwnam(user); 42 free(user); 43 } 44