From d9da9b90a2be88825b3219f21b5865872591bbdb Mon Sep 17 00:00:00 2001
From: Ted Gould <ted@gould.cx>
Date: Tue, 28 Aug 2012 15:14:40 -0500
Subject: Making sure that there's no way that we can write over the end of the
 buffer even for very, very, very long home directory names.

---
 src/pam-freerdp.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'src')

diff --git a/src/pam-freerdp.c b/src/pam-freerdp.c
index f635162..8129787 100644
--- a/src/pam-freerdp.c
+++ b/src/pam-freerdp.c
@@ -283,7 +283,7 @@ pam_sm_open_session (pam_handle_t *pamh, int flags, int argc, const char ** argv
 	memset(&socket_addr, 0, sizeof(struct sockaddr_un));
 	socket_addr.sun_family = AF_UNIX;
 	strncpy(socket_addr.sun_path, pwdent->pw_dir, sizeof(socket_addr.sun_path) - 1);
-	strncpy(socket_addr.sun_path + strlen(pwdent->pw_dir), "/.freerdp-socket", sizeof(socket_addr.sun_path) - 1);
+	strncpy(socket_addr.sun_path + strlen(pwdent->pw_dir), "/.freerdp-socket", (sizeof(socket_addr.sun_path) - strlen(pwdent->pw_dir)) - 1);
 
 	/* We bind the socket before forking so that we ensure that
 	   there isn't a race condition to get to it.  Things will block
-- 
cgit v1.2.3