windows-heap-corruption-20070703
authorJeffrey Altman <jaltman@secure-endpoints.com>
Tue, 3 Jul 2007 15:11:35 +0000 (15:11 +0000)
committerJeffrey Altman <jaltman@secure-endpoints.com>
Tue, 3 Jul 2007 15:11:35 +0000 (15:11 +0000)
fix buffer over write error introduced since 1.5.20

src/WINNT/afsd/smb.c

index d60b6eb..7e707cd 100644 (file)
@@ -1649,7 +1649,7 @@ int smb_FindShare(smb_vc_t *vcp, smb_user_t *uidp, char *shareName,
         snprintf(pathstr, sizeof(pathstr)/sizeof(char),
                  "/" CM_PREFIX_VOL "%s", shareName);
         pathstr[sizeof(pathstr)/sizeof(char) - 1] = '\0';
-        len = strlen(pathstr);
+        len = strlen(pathstr) + 1;
 
         *pathNamep = malloc(len);
         if (*pathNamep) {