sfm

simple file manager
git clone git://git.afify.dev/sfm
Log | Files | Refs | README | LICENSE

commit 205dde4cf3acaf708c93f5ad25f59144877e940b
parent f26739f4f1c8ccf77d84fb2f57520b63d06e7472
Author: afify <hassan@afify.dev>
Date:   Tue, 30 Mar 2021 23:15:33 +0300

[fix] print_row() buffer overflow

problem: wrong usage of strncpy & strncat can cause buffer overflow.
solution: use snprintf() and limit result with MAX_N.

Diffstat:
Msfm.c | 7+++----
1 file changed, 3 insertions(+), 4 deletions(-)

diff --git a/sfm.c b/sfm.c @@ -279,10 +279,9 @@ print_row(Pane *pane, size_t entpos, Cpair col) y = entpos - cpane->firstrow + 1; if (S_ISLNK(pane->direntr[entpos].mode) && - realpath(pane->direntr[entpos].name, buf) != NULL) { - strncpy(lnk_full, pane->direntr[entpos].name, MAX_N); - strcat(lnk_full, " -> "); - strncat(lnk_full, buf, MAX_N); + realpath(pane->direntr[entpos].name, buf) != NULL) { + (void)snprintf(lnk_full, MAX_N, "%s -> %s", + result, buf); result = lnk_full; }