summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndreas Schneider <asn@cryptomilk.org>2012-10-05 11:37:09 +0200
committerAndreas Schneider <asn@cryptomilk.org>2012-11-14 17:11:03 +0100
commit64fca8a7ed83c3315781a77aac1ea36d52ff0c7e (patch)
treed134f74d88e17c2920552990559f545295a8ca03
parente3d9501b31a11b427afe1cc1cba5208adc2c3c39 (diff)
downloadlibssh-64fca8a7ed83c3315781a77aac1ea36d52ff0c7e.tar.gz
libssh-64fca8a7ed83c3315781a77aac1ea36d52ff0c7e.tar.xz
libssh-64fca8a7ed83c3315781a77aac1ea36d52ff0c7e.zip
CVE-2012-4560: Fix a write one past the end of the 'u' buffer.
-rw-r--r--src/misc.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/src/misc.c b/src/misc.c
index dd5298f8..62230354 100644
--- a/src/misc.c
+++ b/src/misc.c
@@ -655,7 +655,7 @@ char *ssh_path_expand_tilde(const char *d) {
size_t s = p - d;
char u[128];
- if (s > sizeof(u)) {
+ if (s >= sizeof(u)) {
return NULL;
}
memcpy(u, d, s);