From 18d6a1bc767680f9ab0b0993b23b4cac6aabf926 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Ingo=20B=C3=BCrk?= <admin@airblader.de>
Date: Tue, 31 May 2016 22:58:23 +0200
Subject: [PATCH] Explicitly terminate fallback in set_from_resource. (#2366)

---
 src/config_parser.c | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/src/config_parser.c b/src/config_parser.c
index 5b5e2363..2a884730 100644
--- a/src/config_parser.c
+++ b/src/config_parser.c
@@ -954,6 +954,14 @@ bool parse_file(const char *f, bool use_nagbar) {
             char v_key[512];
             char fallback[4096];
 
+            /* Ensure that this string is terminated. For example, a user might
+             * want a variable to be empty if the resource can't be found and
+             * uses
+             *   set_from_resource $foo i3wm.foo
+             * Without explicitly terminating the string first, sscanf() will
+             * leave it uninitialized, causing garbage in the config.*/
+            fallback[0] = '\0';
+
             if (sscanf(value, "%511s %511s %4095[^\n]", v_key, res_name, fallback) < 1) {
                 ELOG("Failed to parse resource specification '%s', skipping it.\n", value);
                 continue;
-- 
2.39.5