From 7b368abe5174317220183c7ecef31155ecc55e38 Mon Sep 17 00:00:00 2001 From: Markus Uhlin Date: Wed, 1 May 2024 15:06:46 +0200 Subject: Added check --- FICS/command.c | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) (limited to 'FICS') diff --git a/FICS/command.c b/FICS/command.c index 3e85169..e934dcc 100644 --- a/FICS/command.c +++ b/FICS/command.c @@ -188,8 +188,16 @@ alias_substitute(alias_type *alias_list, int num_alias, char *com_str, atpos = strchr(aliasval, '@'); if (atpos != NULL) { - strncpy(outalias, aliasval, atpos - aliasval); - outalias[atpos - aliasval] = '\0'; + const size_t diff = atpos - aliasval; + + if (diff >= size) { // XXX + warnx("%s: diff out of bounds!", __func__); + return; + } + + strncpy(outalias, aliasval, diff); + outalias[diff] = '\0'; + mstrlcat(outalias, s, size); mstrlcat(outalias, atpos + 1, size); } else { -- cgit v1.2.3