From d81158e4b60f0e0dff1e13adb253c2e01865de0d Mon Sep 17 00:00:00 2001 From: Chip Black Date: Thu, 30 May 2013 19:03:23 -0500 Subject: [PATCH] Paranoia fix for reading password version --- common/auth.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/common/auth.c b/common/auth.c index 6e5f346..3fd0376 100644 --- a/common/auth.c +++ b/common/auth.c @@ -66,7 +66,7 @@ int auth_get_password_version(const char *username) { char filename[512]; int fd; char str[4]; - int version; + int len; sprintf(filename, "%s/%s/password_version", DATA_PATH, username); if (access(filename, F_OK) != 0) { @@ -74,8 +74,9 @@ int auth_get_password_version(const char *username) { } fd = open(filename, O_RDONLY); - read(fd, str, 4); + len = read(fd, str, 4); close(fd); + str[len] = 0; /* strtol returns zero if there isn't a number */ return strtol(str, NULL, 10); } -- 2.25.1