From d1fc8df0a9b800ef8d2fdd08f8f2c4d5d1234829 Mon Sep 17 00:00:00 2001
From: Stian Skjelstad <stian.skjelstad@gmail.com>
Date: Tue, 2 Apr 2024 00:18:27 +0200
Subject: [PATCH] validate_xdg_dir_absolute() allocates a byte short when
 building the string buffer in one of the code-paths.

---
 boot/kickload-unix.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/boot/kickload-unix.c b/boot/kickload-unix.c
index 83c4351d..0793ef34 100644
--- a/boot/kickload-unix.c
+++ b/boot/kickload-unix.c
@@ -382,7 +382,7 @@ static char *validate_xdg_dir_absolute (const char *name, const char *def)
 	}
 	if (xdg)
 	{
-		char *retval = malloc (strlen (xdg) + 5);
+		char *retval = malloc (strlen (xdg) + 5 + 1);
 		if (retval)
 		{
 			sprintf (retval, "%s%socp/",
@@ -783,7 +783,7 @@ int validate_home(void)
 		char settingsPath[PATH_MAX];
 		if (find_directory(B_USER_SETTINGS_DIRECTORY, -1, false, settingsPath, sizeof(settingsPath)) == B_OK)
 		{
-			_cfConfigHomeDir = malloc (strlen (settingsPath) + 5);
+			_cfConfigHomeDir = malloc (strlen (settingsPath) + 5 + 1);
 			if (!_cfConfigHomeDir)
 			{
 				fprintf (stderr, "malloc() failed\n");