Buffer overflow vulnerability fix

Author: 0x0d

src/v-check-user-password.c

@@ -45,10 +45,16 @@ int main (int argc, char** argv) {
     /* open log file */
     FILE* pFile = fopen ("/usr/local/vesta/log/auth.log","a+");
     if (NULL == pFile) {
-        printf("Error: can not open file %s \n", argv[0]);
+        printf("Error: can not open file /usr/local/vesta/log/auth.log \n");
         exit(12);
     }
 
+    int len = 0;
+    if(strlen(argv[1]) >= 100) {
+        printf("Too long username\n");
+        exit(1);
+    }
+
     /* parse user argument */
     struct passwd* userinfo = getpwnam(argv[1]);
     if (NULL != userinfo) {