From bb4a25d7d96a6f496c0da0f66014cbc4411e1fe2 Mon Sep 17 00:00:00 2001
From: circulosmeos <roberto.s.galende@gmail.com>
Date: Mon, 6 Nov 2023 23:15:50 +0100
Subject: [PATCH] Patched incorrect malloc() length calculation after strlen(),
 raising a warning: '__builtin_sprintf' may write a terminating nul past the
 end of the destination [-Wformat-overflow=]

---
 gztool.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/gztool.c b/gztool.c
index 51458c7..1e88e7b 100644
--- a/gztool.c
+++ b/gztool.c
@@ -4349,7 +4349,7 @@ local int action_create_index(
                     (char *)(file_name + strlen(file_name) - 3) )
                 ) {
                 // if gzip-file name is 'FILE.gz', output file name will be 'FILE'
-                char *output_filename = malloc( strlen(file_name) );
+                char *output_filename = malloc( strlen(file_name) + 1 );
                 sprintf(output_filename, "%s", file_name);
                 output_filename[strlen(file_name) - 3] = '\0';
                 printToStderr( VERBOSITY_NORMAL, "Decompressing to '%s'\n", output_filename );
@@ -6235,7 +6235,7 @@ int main(int argc, char **argv)
                              (char *)(file_name + strlen(file_name) - 3)
                             ) {
                             // if gzip-file name is 'FILE.gz', output file has been 'FILE'
-                            char *output_filename = malloc( strlen(file_name) );
+                            char *output_filename = malloc( strlen(file_name) + 1 );
                             sprintf(output_filename, "%s", file_name);
                             output_filename[strlen(file_name) - 3] = '\0';
                             if ( do_not_delete_original_file == 0 ) {