slurp_battery_info: Fix reading uninitialised memory

Fixes valgrind-found bug of the `for (walk = buf, ...` loop reading all of `buf` even though `buf` is null-terminated string (an only partly initialised char array). valgrind ./i3status -c ../etc/i3status.conf --run-once Conditional jump or move depends on uninitialised value(s) at 0x40F15A: slurp_battery_info (print_battery_info.c:164) by 0x40FA07: slurp_all_batteries (print_battery_info.c:558) by 0x40FCA6: print_battery_info (print_battery_info.c:612) by 0x409CA2: main (i3status.c:753)
i3 · Jul 20, 2024 · bb6e594 · bb6e594
1 parent 200fef9
commit bb6e594
Show file tree

Hide file tree

Showing 2 changed files with 6 additions and 2 deletions.
diff --git a/src/general.c b/src/general.c
@@ -19,7 +19,8 @@
     }
 
 /*
- * Reads size bytes into the destination buffer from filename.
+ * Reads (size - 1) bytes into the destination buffer from filename,
+ * and null-terminate it.
  *
  * On success, true is returned. Otherwise, false is returned and the content
  * of destination is left untouched.

diff --git a/src/print_battery_info.c b/src/print_battery_info.c
@@ -155,12 +155,15 @@ static bool slurp_battery_info(battery_info_ctx_t *ctx, struct battery_info *bat
     sprintf(batpath, path, number);
     INSTANCE(batpath);
 
-    if (!slurp(batpath, buf, sizeof(buf))) {
+    if (!slurp(batpath, buf, sizeof(buf))) { // `slurp()` null-terminates `buf`
         OUTPUT_FULL_TEXT(format_down);
         return false;
     }
 
     for (walk = buf, last = buf; (walk - buf) < 1024; walk++) {
+        if (*walk == '\0') // `*walk` (slice of `buf`) is only initialised until `null` written by `slurp()`
+            break;
+
         if (*walk == '\n') {
             last = walk + 1;
             continue;