From 59353d13d73f3a351c5dada73896344b9e2a3818 Mon Sep 17 00:00:00 2001 From: Florian Forster Date: Tue, 2 May 2017 10:26:40 +0200 Subject: [PATCH] libcollectdclient: Fix off-by-one error when reading the username. The allocated buffer includes a null byte, but the network packet doesn't. That means we were reading one byte too many from the buffer, overwriting the terminating null byte in the buffer. --- src/libcollectdclient/network_parse.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/libcollectdclient/network_parse.c b/src/libcollectdclient/network_parse.c index 7139c9bc..83a05d4f 100644 --- a/src/libcollectdclient/network_parse.c +++ b/src/libcollectdclient/network_parse.c @@ -441,7 +441,7 @@ static int parse_encrypt_aes256(void *data, size_t data_size, return ENOMEM; char username[((size_t)username_len) + 1]; memset(username, 0, sizeof(username)); - if (buffer_next(b, username, sizeof(username))) + if (buffer_next(b, username, (size_t)username_len)) return EINVAL; char const *password = opts->password_lookup(username); -- 2.11.0