aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndreas Schneider <asn@cryptomilk.org>2012-10-05 11:37:09 +0200
committerAndreas Schneider <asn@cryptomilk.org>2012-11-14 17:36:24 +0100
commit894bbf3137425409e297e5695dd6070166f98d3b (patch)
treef05f37f10e4b29b9b00acb74f2304f8b06eb5ce0
parentf61813eaea814b49489b3e917c6bdb850c7aeb8b (diff)
downloadlibssh-894bbf3137425409e297e5695dd6070166f98d3b.tar.gz
libssh-894bbf3137425409e297e5695dd6070166f98d3b.tar.xz
libssh-894bbf3137425409e297e5695dd6070166f98d3b.zip
CVE-2012-4560: Fix a write one past the end of the 'u' buffer.
-rw-r--r--src/misc.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/src/misc.c b/src/misc.c
index 64d9e0c2..c2876bde 100644
--- a/src/misc.c
+++ b/src/misc.c
@@ -659,7 +659,7 @@ char *ssh_path_expand_tilde(const char *d) {
size_t s = p - d;
char u[128];
- if (s > sizeof(u)) {
+ if (s >= sizeof(u)) {
return NULL;
}
memcpy(u, d, s);