From d3275f49374d258c6962d101321b218fc70fec89 Mon Sep 17 00:00:00 2001
From: Daniel Friesel
Date: Sun, 11 May 2014 13:48:48 +0200
Subject: feh_printf: Fix buffer overflow when handling unknown format specifiers
---
 src/slideshow.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
(limited to 'src/slideshow.c')
diff --git a/src/slideshow.c b/src/slideshow.c
index 8aa783c..a18c1f8 100644
--- a/src/slideshow.c
+++ b/src/slideshow.c
@@ -584,7 +584,8 @@ char *feh_printf(char *str, feh_file * file, winwidget winwid)
 break;
 default:
 weprintf("Unrecognized format specifier %%%c", *c);
- strncat(ret, c - 1, 2);
+ if ((strlen(ret) + 3) < sizeof(ret))
+ strncat(ret, c - 1, 2);
 break;
 }
 } else if ((*c == '\\') && (*(c+1) != '\0') && ((strlen(ret) + 3) < sizeof(ret))) {
-- cgit v1.2.3
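Review bot: The bound check added in the `default:` branch protects only this one append, and when `ret` is full it drops the two characters silently, so the caller receives truncated output with no signal other than the unrecognized-specifier warning. The guard `(strlen(ret) + 3) < sizeof(ret)` now appears twice (here and in the backslash branch below) and is only meaningful while `ret` is an array; its declaration is outside the hunk, and a comment such as `/* ret must stay an array: sizeof(ret) is the buffer capacity */` next to it would protect the check from a later refactor to a pointer. The remaining `case` branches of the switch are not visible in this hunk and should be audited for unguarded `strcat`/`strncat` calls into `ret`, since they presumably append file-derived strings of arbitrary length. Centralising the test in one small static helper that appends only when `strlen(dst) + n + 1 <= cap` would keep every branch consistent, and the new `if` should be braced to match the surrounding code's defensive intent.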