fish: Fix off-by-one bug in tilde expansion.
author Richard W.M. Jones <rjones@redhat.com>
Tue, 4 Jan 2011 16:02:48 +0000 (16:02 +0000)
committer Richard W.M. Jones <rjones@redhat.com>
Tue, 4 Jan 2011 16:02:48 +0000 (16:02 +0000)
Although this doesn't seem to cause a crash, valgrind confirms
that this is a genuine off-by-one bug.  It could potentially
cause a crash if you did:

  echo 'echo ~root/foo' | guestfish

fish/tilde.c

index 83aa70d..806297c 100644 (file)
@@ -58,7 +58,7 @@ try_tilde_expansion (char *str)
     home = find_home_for_username (&str[1], len);
 
     if (home) {
-      len = strlen (home) + strlen (rest);
+      len = strlen (home) + strlen (rest) + 1;
       str = malloc (len);
       if (str == NULL) {
         perror ("malloc");
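
Review bot: the `+ 1` on the `len = strlen (home) + strlen (rest) + 1;` line is there for the terminating NUL byte, but nothing in the code says so, and `len` is being reused for the allocation size after it was passed to `find_home_for_username` as the username length. A one-line comment, or a separate variable for the allocation size, would make the intent harder to undo by accident. The code that fills the new `str` is not visible in this hunk, so it is worth confirming that it writes at most `len` bytes including the terminator. Since valgrind was what confirmed the bug, a regression test that runs the `~root/foo` case from the commit message under valgrind would keep it from coming back.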