fix undefined behavior in fmt_trim()

It now writes the output in the input char *. This is only a temporaly
fix.

diff --git a/sbr/fmt_scan.c b/sbr/fmt_scan.c
index ca7f5e8..4d4d633 100644 (file)
--- a/sbr/fmt_scan.c
+++ b/sbr/fmt_scan.c
@@ -299,12 +299,13 @@ fmt_trim(char *str, int width)
        char *xp;
        int ljust, i;
        char buffer[BUFSIZ];
+       char *dst;
 
        strncpy(buffer, str, sizeof(buffer));
-       buffer[sizeof(buffer)-1] = '\0';
-       str = buffer;
-       while (isspace(*str)) {
-               str++;
+       dst = buffer;
+       dst[sizeof(buffer)-1] = '\0';
+       while (isspace(*dst)) {
+               dst++;
        }
        ljust = 0;
        if ((i = width) < 0) {
@@ -312,17 +313,18 @@ fmt_trim(char *str, int width)
                ljust++;
        }
 
-       if (!ljust && i > 0 && (int)strlen(str) > i) {
-               str[i] = '\0';
+       if (!ljust && i > 0 && (int)strlen(dst) > i) {
+               dst[i] = '\0';
        }
-       xp = str;
-       xp += strlen(str) - 1;
-       while (xp > str && isspace(*xp)) {
+       xp = dst;
+       xp += strlen(dst) - 1;
+       while (xp > dst && isspace(*xp)) {
                *xp-- = '\0';
        }
-       if (ljust && i > 0 && (int)strlen(str) > i) {
-               str += strlen(str) - i;
+       if (ljust && i > 0 && (int)strlen(dst) > i) {
+               dst += strlen(dst) - i;
        }
+       strncpy(str, dst, strlen(str) + 1);
        return str;
 }