commit df928892e8dd689416cab464cc05284997c0c188
parent 086a70cde0a887a55d5554109e483c19bc6ad8c2
Author: Aaron Marcher <[email protected]>
Date: Mon, 15 Aug 2016 12:59:45 +0200
fixed strlen-bomb in run_command
Diffstat:
1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/slstatus.c b/slstatus.c
@@ -453,6 +453,7 @@ ram_used(const char *null)
char *
run_command(const char* command)
{
+ int good;
FILE *fp;
char buffer[64];
@@ -469,7 +470,15 @@ run_command(const char* command)
pclose(fp);
/* add nullchar at the end */
- buffer[strlen(buffer) - 1] = '\0';
+ for (int i = 0 ; i != sizeof(buffer) ; i++) {
+ if (buffer[i] == '\0') {
+ good = 1;
+ break;
+ }
+ }
+ if (good) {
+ buffer[strlen(buffer) - 1] = '\0';
+ }
/* return the output */
return smprintf("%s", buffer);
