From c502756113d53c7000c0f83a109ac36cb3a1020b Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Tue, 4 Mar 2003 09:33:34 +0000 Subject: Fix another 'off by one' bug with safe_strcpy(). It is unclear if the intent was to limit the string to 31 or 32 characters (excluding the null term), so I've assumed for now that 32 is fine, as this matches current behaviour (well, current behaviour would crash, but anyway...) Jerry: Can you look at this for me? Andrew Bartlett (This used to be commit 6c43327ea2b50820ea4f623c889dc4525d58baa3) --- source3/printing/nt_printing.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/printing') diff --git a/source3/printing/nt_printing.c b/source3/printing/nt_printing.c index 0f5067c5a0..4c454ef111 100644 --- a/source3/printing/nt_printing.c +++ b/source3/printing/nt_printing.c @@ -2106,7 +2106,7 @@ done: NT_DEVICEMODE *construct_nt_devicemode(const fstring default_devicename) { - char adevice[32]; + char adevice[33]; NT_DEVICEMODE *nt_devmode = (NT_DEVICEMODE *)malloc(sizeof(NT_DEVICEMODE)); if (nt_devmode == NULL) { @@ -2116,7 +2116,7 @@ NT_DEVICEMODE *construct_nt_devicemode(const fstring default_devicename) ZERO_STRUCTP(nt_devmode); - safe_strcpy(adevice, default_devicename, sizeof(adevice)); + safe_strcpy(adevice, default_devicename, sizeof(adevice)-1); fstrcpy(nt_devmode->devicename, adevice); fstrcpy(nt_devmode->formname, "Letter"); -- cgit