fixed a potential security flaw

This commit is contained in:
Anselm R. Garbe 2007-05-10 13:47:44 +02:00
parent b6b2f584ec
commit b8bccb4ac5

View file

@ -365,16 +365,18 @@ updatetitle(Client *c) {
XGetWMName(dpy, c->win, &name); XGetWMName(dpy, c->win, &name);
if(!name.nitems) if(!name.nitems)
return; return;
if(name.encoding == XA_STRING) if(name.encoding == XA_STRING) {
strncpy(c->name, (char *)name.value, sizeof c->name); strncpy(c->name, (char *)name.value, sizeof c->name - 1);
}
else { else {
if(XmbTextPropertyToTextList(dpy, &name, &list, &n) >= Success if(XmbTextPropertyToTextList(dpy, &name, &list, &n) >= Success
&& n > 0 && *list) && n > 0 && *list)
{ {
strncpy(c->name, *list, sizeof c->name); strncpy(c->name, *list, sizeof c->name - 1);
XFreeStringList(list); XFreeStringList(list);
} }
} }
c->name[sizeof c->name - 1] = '\0';
XFree(name.value); XFree(name.value);
} }