Prevent out of boundary write with configuration files in which too many

quoted arguments are stored for other window managers.

The quotation handling happens within the while loop without checking if
the "end" limit has been already reached. If this happens, the final
NULL assignment leads to an out of boundary write on stack.

OK okan@
This commit is contained in:
tobias 2020-04-16 17:12:49 +00:00
parent 6407eb9bc1
commit 3ebe04ee8e

2
util.c
View File

@ -53,7 +53,7 @@ u_exec(char *argstr)
{ {
#define MAXARGLEN 20 #define MAXARGLEN 20
char *args[MAXARGLEN], **ap = args; char *args[MAXARGLEN], **ap = args;
char **end = &args[MAXARGLEN - 1], *tmp; char **end = &args[MAXARGLEN - 2], *tmp;
char *s = argstr; char *s = argstr;
while (ap < end && (*ap = strsep(&argstr, " \t")) != NULL) { while (ap < end && (*ap = strsep(&argstr, " \t")) != NULL) {