Skip to content

Commit

Permalink
modules/FvwmScript/Instructions.c: Fix off-by-one error in use of Com…
Browse files Browse the repository at this point in the history 
…mand buffer

In FuncGetOutput(), we use an array Command[] to store the last command
we executed, so that if we're called again within less than a second
for the same command we reuse the same information rather than re-running
the command.

The compiler points out an off-by-one error when we copy the
string into the buffer with strncpy():

Instructions.c: In function ‘FuncGetOutput’:
Instructions.c:366:7: warning: ‘strncpy’ specified bound 255 equals destination size [-Wstringop-truncation]
       strncpy(Command,cmndbuf,255);
       ^~~~~~~~~~~~~~~~~~~~~~~~~~~~

This means that if the command string is 255 characters or more,
there will be no trailing NUL in the Command array, and the
next time the function is called the strcmp(Command,...)
could run off the end of the array.

Make the array 256 bytes long, so it matches how much data we're
trying to write into it.
  • Loading branch information
@pm215 @ThomasAdam
pm215 authored and ThomasAdam committed Jun 18, 2021
1 parent 1679d65 commit e8a6908
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion modules/FvwmScript/Instructions.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -56,7 +56,7 @@ extern Atom propriete;
extern char *LastString;
char *FvwmUserDir = NULL;
char *BufCom;
char Command[255]="None";
char Command[256]="None";
time_t TimeCom=0;

/*
Expand Down

0 comments on commit e8a6908

Please sign in to comment.