Merge branch 'js/wincred-get-credential-alloc-fix'

Under-allocation fix. * js/wincred-get-credential-alloc-fix: wincred: avoid memory corruption
author: Junio C Hamano <gitster@pobox.com> 2025-11-26 10:32:42 -0800
committer: Junio C Hamano <gitster@pobox.com> 2025-11-26 10:32:42 -0800
commit: e539545396d99a18835f0b1c09172082389bc9b5 (patch)
tree: 94e3a6b4b5dc478c0ee6550b186b80e304c4bf0a
parent: 35eaf96addb428fa22913f1091782a4002adfd61 (diff)
parent: d22a488482092da64ad19fda82edde199bed2466 (diff)
download: git-e539545396d99a18835f0b1c09172082389bc9b5.tar.xz
1 files changed, 1 insertions, 1 deletions
diff --git a/contrib/credential/wincred/git-credential-wincred.c b/contrib/credential/wincred/git-credential-wincred.c
index 5683846b4b..73c2b9b72a 100644
--- a/contrib/credential/wincred/git-credential-wincred.c
+++ b/contrib/credential/wincred/git-credential-wincred.c
@@ -165,7 +165,7 @@ static void get_credential(void)
 			write_item("username", creds[i]->UserName,
 				creds[i]->UserName ? wcslen(creds[i]->UserName) : 0);
 			if (creds[i]->CredentialBlobSize > 0) {
-				secret = xmalloc(creds[i]->CredentialBlobSize);
+				secret = xmalloc(creds[i]->CredentialBlobSize + sizeof(WCHAR));
 				wcsncpy_s(secret, creds[i]->CredentialBlobSize, (LPCWSTR)creds[i]->CredentialBlob, creds[i]->CredentialBlobSize / sizeof(WCHAR));
 				line = wcstok_s(secret, L"\r\n", &remaining_lines);
 				write_item("password", line, line ? wcslen(line) : 0);
author	Junio C Hamano <gitster@pobox.com>	2025-11-26 10:32:42 -0800
committer	Junio C Hamano <gitster@pobox.com>	2025-11-26 10:32:42 -0800
commit	e539545396d99a18835f0b1c09172082389bc9b5 (patch)
tree	94e3a6b4b5dc478c0ee6550b186b80e304c4bf0a
parent	35eaf96addb428fa22913f1091782a4002adfd61 (diff)
parent	d22a488482092da64ad19fda82edde199bed2466 (diff)
download	git-e539545396d99a18835f0b1c09172082389bc9b5.tar.xz