The allocated buffer includes a null byte, but the network packet doesn't.
That means we were reading one byte too many from the buffer, overwriting
the terminating null byte in the buffer.
return ENOMEM;
char username[((size_t)username_len) + 1];
memset(username, 0, sizeof(username));
return ENOMEM;
char username[((size_t)username_len) + 1];
memset(username, 0, sizeof(username));
- if (buffer_next(b, username, sizeof(username)))
+ if (buffer_next(b, username, (size_t)username_len))
return EINVAL;
char const *password = opts->password_lookup(username);
return EINVAL;
char const *password = opts->password_lookup(username);