From df928892e8dd689416cab464cc05284997c0c188 Mon Sep 17 00:00:00 2001
From: Aaron Marcher
Date: Mon, 15 Aug 2016 12:59:45 +0200
Subject: [PATCH] fixed strlen-bomb in run_command
---
 slstatus.c | 11 ++++++++++-
 1 file changed, 10 insertions(+), 1 deletion(-)
diff --git a/slstatus.c b/slstatus.c
index 6ffc8e0..d993eca 100644
--- a/slstatus.c
+++ b/slstatus.c
@@ -453,6 +453,7 @@ ram_used(const char *null)
 char *
 run_command(const char* command)
 {
+ int good;
 FILE *fp;
 char buffer[64];
@@ -469,7 +470,15 @@ run_command(const char* command)
 pclose(fp);
 /* add nullchar at the end */
- buffer[strlen(buffer) - 1] = '\0';
+ for (int i = 0 ; i != sizeof(buffer) ; i++) {
+ if (buffer[i] == '\0') {
+ good = 1;
+ break;
+ }
+ }
+ if (good) {
+ buffer[strlen(buffer) - 1] = '\0';
+ }
 /* return the output */
 return smprintf("%s", buffer);
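Review bot: `good` is declared without an initializer in the first hunk, and the second hunk assigns it only inside the loop when a NUL byte is found. When no terminator is present, `if (good)` therefore reads an indeterminate value, which is exactly the case this patch is meant to guard against, so the unbounded `strlen(buffer)` can still run. Declare it as `int good = 0;`. The body of run_command continues outside this hunk.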
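Review bot: In the second hunk, a buffer with no terminator skips the trim but still reaches `smprintf("%s", buffer)`, which reads past the 64-byte array. Separately, when the buffer holds an empty string, `strlen(buffer) - 1` wraps around as a `size_t` and the store lands outside the array. Terminating unconditionally and guarding the length covers both: `buffer[sizeof(buffer) - 1] = '\0';` followed by `size_t len = strlen(buffer);` and `if (len > 0) buffer[len - 1] = '\0';`. The existing comment says "add nullchar at the end", but the line drops the last character, presumably a trailing newline; if so, test `buffer[len - 1] == '\n'` as well so truncated output does not lose a real character. How `buffer` is filled is outside the hunk, so a failed read may also leave it uninitialised before this scan.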