From 7542451a046535ba7ed9919dc9610a822c796904 Mon Sep 17 00:00:00 2001
From: Christophe CURIS
Date: Sat, 29 Nov 2014 16:35:21 +0100
Subject: [PATCH] wmaker: fix possible buffer overrun with filename for Icon Chooser (Coverity #50218)

As pointed by Coverity, there is a possible (yet improbable) buffer overrun when building the list of files to be used in the Icon Chooser dialog. Better safe than sorry, let's use the safer function to build the complete name, and add a little message to the user in case of problem so at least he can know something was not right.

Signed-off-by: Christophe CURIS
---
 src/dialog.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/src/dialog.c b/src/dialog.c
index 3d5d9d01..d14d336e 100644
--- a/src/dialog.c
+++ b/src/dialog.c
@@ -592,9 +592,13 @@ static void listPixmaps(WScreen *scr, WMList *lPtr, const char *path)
 if (strcmp(dentry->d_name, ".") == 0 || strcmp(dentry->d_name, "..") == 0)
 continue;
 
- strcpy(pbuf, apath);
- strcat(pbuf, "/");
- strcat(pbuf, dentry->d_name);
+ if (wstrlcpy(pbuf, apath, sizeof(pbuf)) >= sizeof(pbuf) ||
+ wstrlcat(pbuf, "/", sizeof(pbuf)) >= sizeof(pbuf) ||
+ wstrlcat(pbuf, dentry->d_name, sizeof(pbuf)) >= sizeof(pbuf)) {
+ wwarning(_("full path for file \"%s\" in \"%s\" is longer than %ld bytes, skipped"),
+ dentry->d_name, path, sizeof(pbuf) - 1);
+ continue;
+ }
 
 if (stat(pbuf, &statb) < 0)
 continue;
-- 
2.11.4.GIT
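Review bot: The `%ld` conversion in the new wwarning() call is paired with `sizeof(pbuf) - 1`, which has type size_t, so the argument does not match the format and the reported length is unreliable on platforms where long and size_t differ in width. Casting the argument, `dentry->d_name, path, (long)(sizeof(pbuf) - 1));`, fixes this without touching the translatable string; switching the conversion to `%zu` is the alternative if the message catalog can be updated. The three truncation checks bound the copy only if pbuf is an array in listPixmaps: its declaration is outside the hunk, so confirm that sizeof(pbuf) yields the buffer size rather than a pointer size. A short comment above the condition, such as `/* wstrlcpy/wstrlcat return the length they tried to create; >= size means truncation */`, would record why the comparison is `>=`.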