From 2c4b559f8301f236110356a0215d6d20fae6193f Mon Sep 17 00:00:00 2001
From: Matthew Vernon
Date: Sat, 12 May 2018 10:00:46 +0100
Subject: [PATCH] Allow space for trailing NULL (closes: #897712)

cfname was previously STRSZ long, but the strncat use on l661 could write up to STRSZ bytes to it, which would mean that the trailing NULL would then overflow the array. Fix this by allocating STRSZ+1 bytes to cfname.
---
 tsl.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tsl.c b/tsl.c
index f6d90b2..d5946a2 100644
--- a/tsl.c
+++ b/tsl.c
@@ -595,7 +595,7 @@ void tsl_init(char *dfname,char *path, const int memlimit)
 Univ_Int *up;
 int tablesize;
 #define STRSZ 255
- char cfname[STRSZ];
+ char cfname[STRSZ+1]; /*allow space for trailing NULL*/
 if (memlimit > 0) tsl_maxbuffusage = memlimit<<10; /* times 1024 */
-- 
2.30.2
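Review bot: The extra byte in `char cfname[STRSZ+1];` only closes the overflow if `cfname` is still an empty string when the `strncat` named in the description runs, because strncat's third argument caps the characters appended, not the total size of the destination; that call sits further down tsl_init, outside this hunk, so it cannot be confirmed from here. If anything has already been copied into `cfname` (for example the `path` argument), appending up to STRSZ more bytes can still write past the end of the array. Bounding the append by the space that remains, `strncat(cfname, SRC, sizeof cfname - strlen(cfname) - 1);` (SRC standing for whatever the existing call appends), or building the name with `snprintf(cfname, sizeof cfname, ...)` and rejecting a truncated result, would keep the limit correct regardless of the array size. The new comment would also be clearer as `/* +1 for the terminating NUL byte */`, since NULL is the pointer constant rather than the string terminator.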