Fix potential buffer overflow

Calling strncpy where the size of the string to copy is equal to the size of the destination can potentially lead to a buffer overflow. To fix this, copy only what is needed with memcpy, and explicitly terminate the string with a null character.
author: adnano <me@adnano.co> 2023-02-26 07:45:37 -0500
committer: adnano <me@adnano.co> 2023-02-26 07:50:54 -0500
commit: 7c1e28b201ed52e42ddd8b114fdfbad0720d86d2 (patch)
tree: a72c4ba6d41f2fa30b4b1fa8c0e0c9ec3b06902a
parent: a7df5b270d5aea3a38e7dbc9a27bcfd059b8bc61 (diff)
download: wmenu-7c1e28b201ed52e42ddd8b114fdfbad0720d86d2.tar.gz
1 files changed, 3 insertions, 2 deletions
diff --git a/main.c b/main.c
index 8688f05..496521f 100644
--- a/main.c
+++ b/main.c
@@ -758,8 +758,9 @@ void keypress(struct menu_state *state, enum wl_keyboard_key_state key_state,
 		if (!state->selection) {
 			return;
 		}
-		strncpy(state->text, state->selection->text, sizeof state->text);
-		state->cursor = strlen(state->text);
+		state->cursor = strnlen(state->selection->text, sizeof state->text - 1);
+		memcpy(state->text, state->selection->text, state->cursor);
+		state->text[state->cursor] = '\0';
 		match(state);
 		render_frame(state);
 		break;
author	adnano <me@adnano.co>	2023-02-26 07:45:37 -0500
committer	adnano <me@adnano.co>	2023-02-26 07:50:54 -0500
commit	7c1e28b201ed52e42ddd8b114fdfbad0720d86d2 (patch)
tree	a72c4ba6d41f2fa30b4b1fa8c0e0c9ec3b06902a
parent	a7df5b270d5aea3a38e7dbc9a27bcfd059b8bc61 (diff)
download	wmenu-7c1e28b201ed52e42ddd8b114fdfbad0720d86d2.tar.gz