diff options
| author | Jari Vetoniemi <mailroxas@gmail.com> | 2014-04-12 20:16:33 +0300 |
|---|---|---|
| committer | Jari Vetoniemi <mailroxas@gmail.com> | 2014-04-12 20:16:33 +0300 |
| commit | d54381f00991669fa4ee4f3a8037f246ca1904f8 (patch) | |
| tree | 6356280933b745b1598617b296b6a701f73939f5 | |
| parent | e738ae17728c697d64beb9adb2dfcc921f864120 (diff) | |
| download | bemenu-d54381f00991669fa4ee4f3a8037f246ca1904f8.tar.gz bemenu-d54381f00991669fa4ee4f3a8037f246ca1904f8.tar.bz2 bemenu-d54381f00991669fa4ee4f3a8037f246ca1904f8.zip | |
Fix out of bound access, and provide better tokenize api.
| -rw-r--r-- | client/client.c | 4 | ||||
| -rw-r--r-- | lib/filter.c | 6 | ||||
| -rw-r--r-- | lib/internal.h | 2 | ||||
| -rw-r--r-- | lib/util.c | 7 |
4 files changed, 13 insertions, 6 deletions
diff --git a/client/client.c b/client/client.c index 8bc4be1..2f95d52 100644 --- a/client/client.c +++ b/client/client.c @@ -28,13 +28,15 @@ static void readItemsToMenuFromStdin(bmMenu *menu) size_t pos; char *s = buffer; while ((pos = strcspn(s, "\n")) != 0) { + size_t next = pos + (s[pos] != 0); s[pos] = 0; + bmItem *item = bmItemNew(s); if (!item) break; bmMenuAddItem(menu, item); - s += pos + 1; + s += next; } free(buffer); diff --git a/lib/filter.c b/lib/filter.c index 811451b..204eac1 100644 --- a/lib/filter.c +++ b/lib/filter.c @@ -54,15 +54,15 @@ static char* _bmFilterTokenize(bmMenu *menu, char ***outTokv, unsigned int *outT if (!(buffer = _bmStrdup(menu->filter))) goto fail; - size_t pos = 0; + size_t pos = 0, next; unsigned int tokc = 0, tokn = 0; char *s = buffer, **tmp = NULL; - while ((pos = _bmStripToken(s, " ")) != 0) { + while ((pos = _bmStripToken(s, " ", &next)) > 0) { if (++tokc > tokn && !(tmp = realloc(tmp, ++tokn * sizeof(char*)))) goto fail; tmp[tokc - 1] = s; - s += pos + 1; + s += next; } *outTokv = tmp; diff --git a/lib/internal.h b/lib/internal.h index 1ed13b4..6d116a0 100644 --- a/lib/internal.h +++ b/lib/internal.h @@ -163,7 +163,7 @@ int _bmItemListRemoveItem(struct _bmItemList *list, const bmItem *item); /* util.c */ char* _bmStrdup(const char *s); -size_t _bmStripToken(char *string, const char *token); +size_t _bmStripToken(char *string, const char *token, size_t *outNext); int _bmStrupcmp(const char *hay, const char *needle); int _bmStrnupcmp(const char *hay, const char *needle, size_t len); char* _bmStrupstr(const char *hay, const char *needle); @@ -34,11 +34,16 @@ char* _bmStrdup(const char *string) * Replaces next token in string with '\0' and returns position for the replaced token. * * @param string C "string" where token will be replaced. + * @param outNext Reference to position of next delimiter, or 0 if none. * @return Position of the replaced token. */ -size_t _bmStripToken(char *string, const char *token) +size_t _bmStripToken(char *string, const char *token, size_t *outNext) { size_t len = strcspn(string, token); + + if (outNext) + *outNext = len + (string[len] != 0); + string[len] = 0; return len; } |