From 8c14a5065dd10a81d71230dcffa77e54b44b81f7 Mon Sep 17 00:00:00 2001
From: Corinna Vinschen <corinna@vinschen.de>
Date: Mon, 19 May 2014 08:29:47 +0000
Subject: [PATCH] 	* syscalls.cc (getusershell): Fix buffer overrun
 (Coverity ID 59932).

---
 winsup/cygwin/ChangeLog   | 4 ++++
 winsup/cygwin/syscalls.cc | 2 +-
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/winsup/cygwin/ChangeLog b/winsup/cygwin/ChangeLog
index a34fe6850..823019d37 100644
--- a/winsup/cygwin/ChangeLog
+++ b/winsup/cygwin/ChangeLog
@@ -1,3 +1,7 @@
+2014-05-18  David Stacey  <drstacey@tiscali.co.uk>
+
+	* syscalls.cc (getusershell): Fix buffer overrun (Coverity ID 59932).
+
 2014-05-15  Corinna Vinschen  <corinna@vinschen.de>
 
 	* external.cc (cygwin_internal): Use local name buffer instead of
diff --git a/winsup/cygwin/syscalls.cc b/winsup/cygwin/syscalls.cc
index 3a8fabf6d..de8cf119c 100644
--- a/winsup/cygwin/syscalls.cc
+++ b/winsup/cygwin/syscalls.cc
@@ -4179,7 +4179,7 @@ getusershell ()
   /* Get each non-whitespace character as part of the shell path as long as
      it fits in buf. */
   for (buf_idx = 0;
-       ch != EOF && !isspace (ch) && buf_idx < PATH_MAX;
+       ch != EOF && !isspace (ch) && buf_idx < (PATH_MAX - 1);
        buf_idx++, ch = getc (shell_fp))
     buf[buf_idx] = ch;
   /* Skip any trailing non-whitespace character not fitting in buf.  If the