Paranoia fix for reading password version

diff --git a/common/auth.c b/common/auth.c
index 6e5f346..3fd0376 100644 (file)
--- a/common/auth.c
+++ b/common/auth.c
@@ -66,7 +66,7 @@ int auth_get_password_version(const char *username) {
        char filename[512];
        int fd;
        char str[4];
-       int version;
+       int len;
 
        sprintf(filename, "%s/%s/password_version", DATA_PATH, username);
        if (access(filename, F_OK) != 0) {
@@ -74,8 +74,9 @@ int auth_get_password_version(const char *username) {
        }
 
        fd = open(filename, O_RDONLY);
-       read(fd, str, 4);
+       len = read(fd, str, 4);
        close(fd);
+       str[len] = 0;
        /* strtol returns zero if there isn't a number */
        return strtol(str, NULL, 10);
 }