diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/misc.c | 5 |
1 files changed, 3 insertions, 2 deletions
@@ -723,7 +723,8 @@ char *ssh_path_expand_escape(ssh_session session, const char *s) { if (*p != '%') { buf[i] = *p; i++; - if (i > MAX_BUF_SIZE) { + if (i >= MAX_BUF_SIZE) { + free(r); return NULL; } buf[i] = '\0'; @@ -775,7 +776,7 @@ char *ssh_path_expand_escape(ssh_session session, const char *s) { } i += strlen(x); - if (i > MAX_BUF_SIZE) { + if (i >= MAX_BUF_SIZE) { ssh_set_error(session, SSH_FATAL, "String too long"); free(x); |