From: Todd C. Miller <Todd.Miller@courtesan.com>
Date: Wed, 27 Jun 2012 17:41:58 +0000 (-0400)
Subject: Use MAX_UID_T_LEN + 1 for uid/gid buffers, not MAX_UID_T_LEN to
X-Git-Tag: SUDO_1_8_6^2~117
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=e9f5a38398e57faae70b2963411da80463e662d7;p=sudo

Use MAX_UID_T_LEN + 1 for uid/gid buffers, not MAX_UID_T_LEN to
prevent potential truncation.  Bug #562.
---

diff --git a/plugins/sudoers/env.c b/plugins/sudoers/env.c
index 9b043b282..a5ceb8c45 100644
--- a/plugins/sudoers/env.c
+++ b/plugins/sudoers/env.c
@@ -687,7 +687,7 @@ void
 rebuild_env(void)
 {
     char **old_envp, **ep, *cp, *ps1;
-    char idbuf[MAX_UID_T_LEN];
+    char idbuf[MAX_UID_T_LEN + 1];
     unsigned int didvar;
     bool reset_home = false;
 
diff --git a/plugins/sudoers/ldap.c b/plugins/sudoers/ldap.c
index a2055390a..fd7cdf89a 100644
--- a/plugins/sudoers/ldap.c
+++ b/plugins/sudoers/ldap.c
@@ -1108,7 +1108,7 @@ static char *
 sudo_ldap_build_pass1(struct passwd *pw)
 {
     struct group *grp;
-    char *buf, timebuffer[TIMEFILTER_LENGTH], gidbuf[MAX_UID_T_LEN];
+    char *buf, timebuffer[TIMEFILTER_LENGTH], gidbuf[MAX_UID_T_LEN + 1];
     struct group_list *grlist;
     size_t sz = 0;
     int i;