`strlen` returns the length of a string without the terminating null byte. To make sure enough memory is allocated we need to pass `strlen(..) + 1` to the allocation function. Signed-off-by: Stefan Beller <sbeller@xxxxxxxxxx> --- imap-send.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/imap-send.c b/imap-send.c index 2c52027..f7e9909 100644 --- a/imap-send.c +++ b/imap-send.c @@ -872,7 +872,7 @@ static char *cram(const char *challenge_64, const char *user, const char *pass) * enough upper bound for challenge (decoded result). */ encoded_len = strlen(challenge_64); - challenge = xmalloc(encoded_len); + challenge = xmalloc(encoded_len + 1); decoded_len = EVP_DecodeBlock((unsigned char *)challenge, (unsigned char *)challenge_64, encoded_len); if (decoded_len < 0) -- 2.8.0.8.g27a27a6.dirty -- To unsubscribe from this list: send the line "unsubscribe git" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html