https://bugs.gentoo.org/901089 https://github.com/libconfuse/libconfuse/commit/d73777c2c3566fb2647727bb56d9a2295b81669b (Rebased by Vaibhav Rustagi ) From d73777c2c3566fb2647727bb56d9a2295b81669b Mon Sep 17 00:00:00 2001 From: Joachim Wiberg Date: Fri, 2 Sep 2022 16:12:46 +0200 Subject: [PATCH] Fix #163: unterminated username used with getpwnam() Signed-off-by: Joachim Wiberg --- a/src/confuse.c +++ b/src/confuse.c @@ -1863,18 +1863,20 @@ DLLIMPORT char *cfg_tilde_expand(const char *filename) passwd = getpwuid(geteuid()); file = filename + 1; } else { - /* ~user or ~user/path */ - char *user; + char *user; /* ~user or ~user/path */ + size_t len; file = strchr(filename, '/'); if (file == 0) file = filename + strlen(filename); - user = malloc(file - filename); + len = file - filename - 1; + user = malloc(len + 1); if (!user) return NULL; - strncpy(user, filename + 1, file - filename - 1); + strncpy(user, &filename[1], len); + user[len] = 0; passwd = getpwnam(user); free(user); }