mirror of
https://github.com/Cloudef/bemenu
synced 2024-11-26 05:58:25 +01:00
fa84d4b2d6
When running bemenu like: env BEMENU_OPTS="--list 3" bemenu Valgrind will report an out-of-bounds read: Invalid read of size 1 at 0x10BC91: do_getopt.part.0 (common.c:366) by 0x10C635: do_getopt (common.c:340) by 0x10C635: parse_args (common.c:556) by 0x10B535: main (bemenu.c:55) Address 0x4ac13e2 is 0 bytes after a block of size 2 alloc'd at 0x4849BF3: calloc (vg_replace_malloc.c:1675) by 0x10C533: cstrcopy (common.c:120) by 0x10C533: tokenize_quoted_to_argv (common.c:146) by 0x10C60C: parse_args (common.c:555) by 0x10B535: main (bemenu.c:55) The problem is that the parsing code for `--list` will blindly compare a character past the number of lines to parse for e.g. `--list '3 up'` but the end of the string may come right after the number of lines. In my system Valgrind does not find the error when running bemenu like `bemenu --list 3` even though the logic is equally questionable. Fix it by checking that there is more after the number of lines. |
||
---|---|---|
.. | ||
common.c | ||
common.h |