src/login.c: Fix off-by-one bugss

These functions expect a size, not a length. Don't subtract 1 to the size. Link: <https://github.com/shadow-maint/shadow/pull/935> Link: <https://github.com/shadow-maint/shadow/issues/920#issuecomment-1926002209> Link: <https://github.com/shadow-maint/shadow/pull/757> Link: <https://github.com/shadow-maint/shadow/issues/674> See-also: 0656a90bfd0d ("src/login.c: Fix off-by-one buggs") See-also: 403a2e3771 ("lib/chkname.c: Take NUL byte into account") Fixes: 3b7cc05387 ("lib: replace `USER_NAME_MAX_LENGTH` macro") Reviewed-by: Iker Pedrosa <ipedrosa@redhat.com> Cc: Tobias Stoeckmann <tobias@stoeckmann.org> Cc: Serge Hallyn <serge@hallyn.com> Signed-off-by: Alejandro Colomar <alx@kernel.org>
2024-02-05 13:54:25 +01:00
parent 51cd6aec02
commit 15882a5f90
1 changed files with 2 additions and 2 deletions
--- a/src/login.c
+++ b/src/login.c
@@ -577,7 +577,7 @@ int main (int argc, char **argv)
 		assert (NULL == username);
 		username = XMALLOC(max_size, char);
 		username[max_size - 1] = '\0';
-		if (do_rlogin(hostname, username, max_size - 1, term, sizeof(term)))
+		if (do_rlogin(hostname, username, max_size, term, sizeof(term)))
 		{
 			preauth_flag = true;
 		} else {
@@ -890,7 +890,7 @@ int main (int argc, char **argv)
 			preauth_flag = false;
 			username = XMALLOC(max_size, char);
 			username[max_size - 1] = '\0';
-			login_prompt(username, max_size - 1);
+			login_prompt(username, max_size);

 			if ('\0' == username[0]) {
 				/* Prompt for a new login */