Fix off-by-one mistakes

The buffers have a size of 512 (see xmalloc() above), which is what snprintf(3) expects. Link: <https://github.com/shadow-maint/shadow/pull/607> Signed-off-by: Alejandro Colomar <alx@kernel.org>
2022-12-16 00:52:27 +01:00 · 2022-12-16 00:52:27 +01:00 · 587ce83e3f
commit 587ce83e3f
parent b990b167d4
1 changed files with 8 additions and 8 deletions
--- a/src/groupmod.c
+++ b/src/groupmod.c
@ -554,13 +554,13 @@ static void prepare_failure_reports (void)
 #endif
 	info_passwd.audit_msg  = xmalloc (512);

-	(void) snprintf (info_group.audit_msg, 511,
+	(void) snprintf (info_group.audit_msg, 512,
 	                 "changing %s; ", gr_dbname ());
 #ifdef	SHADOWGRP
-	(void) snprintf (info_gshadow.audit_msg, 511,
+	(void) snprintf (info_gshadow.audit_msg, 512,
 	                 "changing %s; ", sgr_dbname ());
 #endif
-	(void) snprintf (info_passwd.audit_msg, 511,
+	(void) snprintf (info_passwd.audit_msg, 512,
 	                 "changing %s; ", pw_dbname ());

 	info_group.action   =   info_group.audit_msg
@ -573,16 +573,16 @@ static void prepare_failure_reports (void)
 	                      + strlen (info_passwd.audit_msg);

 	(void) snprintf (info_group.action,
-	                 511 - strlen (info_group.audit_msg),
+	                 512 - strlen (info_group.audit_msg),
 	                 "group %s/%lu",
 	                 group_name, (unsigned long int) group_id);
 #ifdef	SHADOWGRP
 	(void) snprintf (info_gshadow.action,
-	                 511 - strlen (info_group.audit_msg),
+	                 512 - strlen (info_group.audit_msg),
 	                 "group %s", group_name);
 #endif
 	(void) snprintf (info_passwd.action,
-	                 511 - strlen (info_group.audit_msg),
+	                 512 - strlen (info_group.audit_msg),
 	                 "group %s/%lu",
 	                 group_name, (unsigned long int) group_id);

@ -617,13 +617,13 @@ static void prepare_failure_reports (void)
 		strncat (info_group.action, ", new gid: ",
 		         511 - strlen (info_group.audit_msg));
 		(void) snprintf (info_group.action+strlen (info_group.action),
-		                 511 - strlen (info_group.audit_msg),
+		                 512 - strlen (info_group.audit_msg),
 		                 "%lu", (unsigned long int) group_newid);

 		strncat (info_passwd.action, ", new gid: ",
 		         511 - strlen (info_passwd.audit_msg));
 		(void) snprintf (info_passwd.action+strlen (info_passwd.action),
-		                 511 - strlen (info_passwd.audit_msg),
+		                 512 - strlen (info_passwd.audit_msg),
 		                 "%lu", (unsigned long int) group_newid);
 	}
 	info_group.audit_msg[511]   = '\0';