fixed strlen-bomb in run_command

author Aaron Marcher <[email protected]>

Mon, 15 Aug 2016 10:59:45 +0000 (12:59 +0200)

committer Aaron Marcher (drkhsh) <[email protected]>

Mon, 15 Aug 2016 10:59:45 +0000 (12:59 +0200)
author Aaron Marcher <[email protected]>
Mon, 15 Aug 2016 10:59:45 +0000 (12:59 +0200)
committer Aaron Marcher (drkhsh) <[email protected]>
Mon, 15 Aug 2016 10:59:45 +0000 (12:59 +0200)
diff --git a/slstatus.c b/slstatus.c

index 6ffc8e0..d993eca 100644 (file)
--- a/slstatus.c
+++ b/slstatus.c
@@ -453,6 +453,7 @@ ram_used(const char *null)
  char *
  run_command(const char* command)
  {
+    int good;
         FILE *fp;
         char buffer[64];
  
@@ -469,7 +470,15 @@ run_command(const char* command)
         pclose(fp);
  
      /* add nullchar at the end */
-       buffer[strlen(buffer) - 1] = '\0';
+    for (int i = 0 ; i != sizeof(buffer) ; i++) {
+        if (buffer[i] == '\0') {
+            good = 1;
+            break;
+        }
+    }
+    if (good) {
+        buffer[strlen(buffer) - 1] = '\0';
+    }
  
      /* return the output */
         return smprintf("%s", buffer);
author	Aaron Marcher <[email protected]>
	Mon, 15 Aug 2016 10:59:45 +0000 (12:59 +0200)
committer	Aaron Marcher (drkhsh) <[email protected]>
	Mon, 15 Aug 2016 10:59:45 +0000 (12:59 +0200)