Skip to content

Commit

Permalink
slurp_battery_info: Fix reading uninitialised memory
Browse files Browse the repository at this point in the history
Fixes valgrind-found bug of the `for (walk = buf, ...` loop
reading all of `buf` even though `buf` is null-terminated string
(an only partly initialised char array).

    valgrind ./i3status -c ../etc/i3status.conf --run-once

    Conditional jump or move depends on uninitialised value(s)
      at 0x40F15A: slurp_battery_info (print_battery_info.c:164)
      by 0x40FA07: slurp_all_batteries (print_battery_info.c:558)
      by 0x40FCA6: print_battery_info (print_battery_info.c:612)
      by 0x409CA2: main (i3status.c:753)
  • Loading branch information
nh2 committed Sep 9, 2024
1 parent 200fef9 commit 8ee4244
Show file tree
Hide file tree
Showing 2 changed files with 7 additions and 1 deletion.
3 changes: 2 additions & 1 deletion src/general.c
Original file line number Diff line number Diff line change
Expand Up @@ -19,7 +19,8 @@
}

/*
* Reads size bytes into the destination buffer from filename.
* Reads (size - 1) bytes into the destination buffer from filename,
* and null-terminate it.
*
* On success, true is returned. Otherwise, false is returned and the content
* of destination is left untouched.
Expand Down
5 changes: 5 additions & 0 deletions src/print_battery_info.c
Original file line number Diff line number Diff line change
Expand Up @@ -161,6 +161,11 @@ static bool slurp_battery_info(battery_info_ctx_t *ctx, struct battery_info *bat
}

for (walk = buf, last = buf; (walk - buf) < 1024; walk++) {
// `*walk` (slice of `buf`) is only initialised until `null` written by `slurp()`
if (*walk == '\0') {
break;
}

if (*walk == '\n') {
last = walk + 1;
continue;
Expand Down

0 comments on commit 8ee4244

Please sign in to comment.