diff options
Diffstat (limited to 'auth.c')
-rw-r--r-- | auth.c | 6 |
1 files changed, 5 insertions, 1 deletions
@@ -368,7 +368,11 @@ secure_filename(FILE *f, const char *file, struct passwd *pw, char *cp; struct stat st; - strlcpy(homedir, dirname(pw->pw_dir), sizeof(homedir)); + strlcpy(homedir, pw->pw_dir, sizeof(homedir)); + if ((cp = dirname(homedir)) == NULL) + strlcpy(homedir, "/", sizeof(homedir)); + else + memmove(homedir, cp, strlen(cp)); if (realpath(file, buf) == NULL) { snprintf(err, errlen, "realpath %s failed: %s", file, |