char *expanded;
struct passwd *pw;
char user[100];
+ int len;
/* Return immediately if no tilde. */
if (filename[0] != '~')
return xstrdup(pw->pw_dir);
}
/* Build a path combining the specified directory and path. */
- expanded = xmalloc(strlen(pw->pw_dir) + strlen(cp + 1) + 2);
- sprintf(expanded, "%s/%s", pw->pw_dir, cp + 1);
+ len = strlen(pw->pw_dir) + strlen(cp + 1) + 2;
+ if (len > MAXPATHLEN)
+ fatal("Home directory too long (%d > %d", len-1, MAXPATHLEN-1);
+ expanded = xmalloc(len);
+ snprintf(expanded, len, "%s/%s", pw->pw_dir, cp + 1);
return expanded;
}