pdb: Fix array overrun by one.

author Andreas Schneider <asn@samba.org>

Tue, 19 Feb 2013 08:23:53 +0000 (09:23 +0100)

committer Alexander Bokovoy <ab@samba.org>

Fri, 22 Feb 2013 15:36:13 +0000 (16:36 +0100)
author Andreas Schneider <asn@samba.org>
Tue, 19 Feb 2013 08:23:53 +0000 (09:23 +0100)
committer Alexander Bokovoy <ab@samba.org>
Fri, 22 Feb 2013 15:36:13 +0000 (16:36 +0100)
diff --git a/source3/passdb/pdb_smbpasswd.c b/source3/passdb/pdb_smbpasswd.c

index 0703ea4607f161a0097d36db07225f122b8f3077..83785c68a1aacc2b9c84f0cc5ed43224404d22a1 100644 (file)
--- a/source3/passdb/pdb_smbpasswd.c
+++ b/source3/passdb/pdb_smbpasswd.c
@@ -737,7 +737,8 @@ static bool mod_smbfilepwd_entry(struct smbpasswd_privates *smbpasswd_state, con
         fstring user_name;
  
         char *status;
-       char linebuf[256];
+#define LINEBUF_SIZE 255
+       char linebuf[LINEBUF_SIZE + 1];
         char readbuf[1024];
         int c;
         fstring ascii_p16;
@@ -792,7 +793,7 @@ static bool mod_smbfilepwd_entry(struct smbpasswd_privates *smbpasswd_state, con
  
                 linebuf[0] = '\0';
  
-               status = fgets(linebuf, sizeof(linebuf), fp);
+               status = fgets(linebuf, LINEBUF_SIZE, fp);
                 if (status == NULL && ferror(fp)) {
                         pw_file_unlock(lockfd, &smbpasswd_state->pw_file_lock_depth);
                         fclose(fp);
@@ -1021,7 +1022,7 @@ This is no longer supported.!\n", pwd->smb_name));
         dump_data(100, (uint8 *)ascii_p16, wr_len);
  #endif
  
-       if(wr_len > sizeof(linebuf)) {
+       if(wr_len > LINEBUF_SIZE) {
                 DEBUG(0, ("mod_smbfilepwd_entry: line to write (%d) is too long.\n", wr_len+1));
                 pw_file_unlock(lockfd,&smbpasswd_state->pw_file_lock_depth);
                 fclose(fp);
author	Andreas Schneider <asn@samba.org>
	Tue, 19 Feb 2013 08:23:53 +0000 (09:23 +0100)
committer	Alexander Bokovoy <ab@samba.org>
	Fri, 22 Feb 2013 15:36:13 +0000 (16:36 +0100)