diff options
| author | Lukas Fleischer <lfleischer@calcurse.org> | 2018-05-26 11:51:38 +0200 |
|---|---|---|
| committer | Lukas Fleischer <lfleischer@calcurse.org> | 2018-05-26 11:51:38 +0200 |
| commit | 65c2b6d9b82bad15a63312eef96917d9c450baf8 (patch) | |
| tree | 154f6e6f1949f28da4854c0e1bb3041a7fafb661 /src | |
| parent | 8abb1a93add0a2c9c08df6a28f7da2ba27cf1019 (diff) | |
| download | calcurse-65c2b6d9b82bad15a63312eef96917d9c450baf8.tar.gz calcurse-65c2b6d9b82bad15a63312eef96917d9c450baf8.zip | |
notify.c: fix several buffer overflows
Signed-off-by: Lukas Fleischer <lfleischer@calcurse.org>
Diffstat (limited to 'src')
| -rw-r--r-- | src/notify.c | 31 |
1 files changed, 18 insertions, 13 deletions
diff --git a/src/notify.c b/src/notify.c index 59e6350..886a7e6 100644 --- a/src/notify.c +++ b/src/notify.c @@ -130,9 +130,12 @@ void notify_init_vars(void) pthread_mutex_init(&nbar.mutex, NULL); nbar.show = 1; nbar.cntdwn = 300; - strncpy(nbar.datefmt, date_format, strlen(date_format) + 1); - strncpy(nbar.timefmt, time_format, strlen(time_format) + 1); - strncpy(nbar.cmd, cmd, strlen(cmd) + 1); + strncpy(nbar.datefmt, date_format, BUFSIZ); + nbar.datefmt[BUFSIZ - 1] = '\0'; + strncpy(nbar.timefmt, time_format, BUFSIZ); + nbar.timefmt[BUFSIZ - 1] = '\0'; + strncpy(nbar.cmd, cmd, BUFSIZ); + nbar.cmd[BUFSIZ - 1] = '\0'; if ((nbar.shell = getenv("SHELL")) == NULL) nbar.shell = "/bin/sh"; @@ -707,26 +710,26 @@ static void config_option_edit(int i) case 1: status_mesg(date_str, ""); pthread_mutex_lock(&nbar.mutex); - strncpy(buf, nbar.datefmt, - strlen(nbar.datefmt) + 1); + strncpy(buf, nbar.datefmt, BUFSIZ); + buf[BUFSIZ - 1] = '\0'; pthread_mutex_unlock(&nbar.mutex); if (updatestring(win[STA].p, &buf, 0, 1) == 0) { pthread_mutex_lock(&nbar.mutex); - strncpy(nbar.datefmt, buf, - strlen(buf) + 1); + strncpy(nbar.datefmt, buf, BUFSIZ); + nbar.datefmt[BUFSIZ - 1] = '\0'; pthread_mutex_unlock(&nbar.mutex); } break; case 2: status_mesg(time_str, ""); pthread_mutex_lock(&nbar.mutex); - strncpy(buf, nbar.timefmt, - strlen(nbar.timefmt) + 1); + strncpy(buf, nbar.timefmt, BUFSIZ); + buf[BUFSIZ - 1] = '\0'; pthread_mutex_unlock(&nbar.mutex); if (updatestring(win[STA].p, &buf, 0, 1) == 0) { pthread_mutex_lock(&nbar.mutex); - strncpy(nbar.timefmt, buf, - strlen(buf) + 1); + strncpy(nbar.timefmt, buf, BUFSIZ); + nbar.timefmt[BUFSIZ - 1] = '\0'; pthread_mutex_unlock(&nbar.mutex); } break; @@ -746,11 +749,13 @@ static void config_option_edit(int i) case 4: status_mesg(cmd_str, ""); pthread_mutex_lock(&nbar.mutex); - strncpy(buf, nbar.cmd, strlen(nbar.cmd) + 1); + strncpy(buf, nbar.cmd, BUFSIZ); + buf[BUFSIZ - 1] = '\0'; pthread_mutex_unlock(&nbar.mutex); if (updatestring(win[STA].p, &buf, 0, 1) == 0) { pthread_mutex_lock(&nbar.mutex); - strncpy(nbar.cmd, buf, strlen(buf) + 1); + strncpy(nbar.cmd, buf, BUFSIZ); + nbar.cmd[BUFSIZ - 1] = '\0'; pthread_mutex_unlock(&nbar.mutex); } break; |