From b22cf8328f430eabf2e0c1a602d24a8d29239a50 Mon Sep 17 00:00:00 2001
From: Alexander Naumov
Date: Sat, 24 Jun 2023 21:48:13 +0200
Subject: [PATCH] userbits 'address out of bounce' fix

We pass (1, 0) to calloc(). The ACLBYTE macro will return &NULL[(0 + 1) >> 3] equals 0. On some systems (including OpenBSD) this will return a zero sized object: a unique pointer that points to unaccessable memory. This is permitted by the standards.
---
 src/acls.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/acls.c b/src/acls.c
index de7321f..4734019 100644
--- a/src/acls.c
+++ b/src/acls.c
@@ -92,7 +92,7 @@ static int GrowBitfield(AclBits * bfp, int len, int delta, int defaultbit)
 {
 AclBits n, o = *bfp;

- if (!(n = (AclBits) calloc(1, (unsigned long)(&ACLBYTE((char *)NULL, len + delta + 1)))))
+ if (!(n = (AclBits) calloc(1, (unsigned long)(&ACLBYTE((char *)NULL, len + delta) + 1))))
 return -1;
 for (int i = 0; i < (len + delta); i++) {
 if (((i < len) && (ACLBIT(i) & ACLBYTE(o, i))) || ((i >= len) && (defaultbit)))
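Review bot: The allocation size in the new `calloc` line is still derived by indexing a null pointer and casting the resulting address to `unsigned long`, which is undefined behaviour in ISO C and hides the real byte count from readers and static analysers. Judging by the commit message, ACLBYTE indexes byte `w >> 3`, so the same size can be written directly as `size_t nbytes = ((size_t)(len + delta) >> 3) + 1;` followed by `if (!(n = calloc(1, nbytes)))`. Nothing visible in the hunk rejects a negative or overflowing `len + delta` before it sizes the buffer and bounds the loop, so a guard such as `if (len < 0 || delta < 0 || len > INT_MAX - delta) return -1;` is worth adding unless every caller already guarantees it. GrowBitfield's body continues past the end of the hunk.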