pgrep: Off by one in realloc in option handling

The loop that parses options has a of by one bug where the realloc
adds one byte, instead of one list element.  This is exposed when
you try things like:
  pgrep -t,,,,

Signed-off-by: Craig Small <csmall@enc.com.au>

diff --git a/pgrep.c b/pgrep.c
index 3ba363433be4e7425321dbe097bf9c643a0018a8..e24e09d7c6e827128d3895b297deed032f7b3f09 100644 (file)
--- a/pgrep.c
+++ b/pgrep.c
@@ -160,7 +160,7 @@ static struct el *split_list (const char *restrict str, int (*convert)(const cha
                if (i == size) {
                        size = size * 5 / 4 + 4;
                        /* add 1 because slot zero is a count */
-                       list = xrealloc (list, 1 + size * sizeof *list);
+                       list = xrealloc (list, (1 + size) * sizeof *list);
                }
                sep_pos = strchr (ptr, ',');
                if (sep_pos)