auth/credentials: Fix off-by-one buffer write

If p == pass + 127, assigning to '*++p' writes beyond the array. Signed-off-by: Joseph Sutton <josephsutton@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
author: Joseph Sutton <josephsutton@catalyst.net.nz> 2023-02-28 16:55:06 +1300
committer: Andrew Bartlett <abartlet@samba.org> 2023-03-03 01:07:36 +0000
commit: 262b40d83304d219c4ffb4eadebb8d51c02ba025 (patch)
tree: 5592ea8fdbb52050262c38af8f50ead35b7af19a /auth
parent: 1312b2d1699e544cff4f3f7dccd9a02a5bd295fa (diff)
download: samba-262b40d83304d219c4ffb4eadebb8d51c02ba025.tar.gz
1 files changed, 1 insertions, 1 deletions
diff --git a/auth/credentials/credentials.c b/auth/credentials/credentials.c
index 67644e806e4..917b05a547a 100644
--- a/auth/credentials/credentials.c
+++ b/auth/credentials/credentials.c
@@ -1556,7 +1556,7 @@ _PUBLIC_ bool cli_credentials_parse_password_fd(struct cli_credentials *credenti
 	char pass[128];
 
 	for(p = pass, *p = '\0'; /* ensure that pass is null-terminated */
-		p && p - pass < sizeof(pass);) {
+		p && p - pass < sizeof(pass) - 1;) {
 		switch (read(fd, p, 1)) {
 		case 1:
 			if (*p != '\n' && *p != '\0') {
author	Joseph Sutton <josephsutton@catalyst.net.nz>	2023-02-28 16:55:06 +1300
committer	Andrew Bartlett <abartlet@samba.org>	2023-03-03 01:07:36 +0000
commit	262b40d83304d219c4ffb4eadebb8d51c02ba025 (patch)
tree	5592ea8fdbb52050262c38af8f50ead35b7af19a /auth
parent	1312b2d1699e544cff4f3f7dccd9a02a5bd295fa (diff)
download	samba-262b40d83304d219c4ffb4eadebb8d51c02ba025.tar.gz