1
0
mirror of https://github.com/Cloudef/bemenu synced 2024-11-26 05:58:25 +01:00
bemenu/client/common
Joan Bruguera Micó fa84d4b2d6 Fix out-of-bounds read when parsing --list argument
When running bemenu like:
    env BEMENU_OPTS="--list 3" bemenu

Valgrind will report an out-of-bounds read:
    Invalid read of size 1
       at 0x10BC91: do_getopt.part.0 (common.c:366)
       by 0x10C635: do_getopt (common.c:340)
       by 0x10C635: parse_args (common.c:556)
       by 0x10B535: main (bemenu.c:55)
     Address 0x4ac13e2 is 0 bytes after a block of size 2 alloc'd
       at 0x4849BF3: calloc (vg_replace_malloc.c:1675)
       by 0x10C533: cstrcopy (common.c:120)
       by 0x10C533: tokenize_quoted_to_argv (common.c:146)
       by 0x10C60C: parse_args (common.c:555)
       by 0x10B535: main (bemenu.c:55)

The problem is that the parsing code for `--list` will blindly compare
a character past the number of lines to parse for e.g. `--list '3 up'`
but the end of the string may come right after the number of lines.

In my system Valgrind does not find the error when running bemenu like
`bemenu --list 3` even though the logic is equally questionable.

Fix it by checking that there is more after the number of lines.
2024-07-08 02:22:31 +09:00
..
common.c Fix out-of-bounds read when parsing --list argument 2024-07-08 02:22:31 +09:00
common.h add option to start vim bindings in normal mode 2023-12-02 23:24:20 +09:00