From 41f9a167e34106509d34575756cad9c4292e1940 Mon Sep 17 00:00:00 2001
From: "C. McEnroe" <june@causal.agency>
Date: Mon, 17 Aug 2020 12:57:50 -0400
Subject: Properly handle command line truncation

Unlikely to happen since ARG_MAX is 256K, but...
---
 service.c | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

(limited to 'service.c')

diff --git a/service.c b/service.c
index 9a3b157..39ce60e 100644
--- a/service.c
+++ b/service.c
@@ -212,15 +212,21 @@ void serviceStart(struct Service *service) {
 		);
 		assert(n > 0);
 		len += n;
+		if (len >= sizeof(command)) errx(ExitNoExec, "command truncated");
 	}
-	snprintf(&command[len], sizeof(command) - len, "exec %s", service->command);
+	int n = snprintf(
+		&command[len], sizeof(command) - len, "exec %s", service->command
+	);
+	assert(n > 0);
+	len += n;
+	if (len >= sizeof(command)) errx(ExitNoExec, "command truncated");
 
 	execle(
 		_PATH_BSHELL,
 		_PATH_BSHELL, "-c", command, service->name, NULL,
 		serviceEnviron
 	);
-	err(ExitNotFound, "%s", _PATH_BSHELL);
+	err(ExitNoExec, "%s", _PATH_BSHELL);
 }
 
 void serviceSignal(struct Service *service, int signal) {
-- 
cgit 1.4.1