From 5edd028a43a622bbdd5e9bbd658a7284aaf340ba Mon Sep 17 00:00:00 2001
From: Philipp Takacs
Date: Fri, 16 Jun 2017 14:12:24 +0200
Subject: [PATCH] fix undefined behavior in fmt_trim()

It now writes the output in the input char *. This is only a temporaly fix.
---
 sbr/fmt_scan.c | 24 +++++++++++++-----------
 1 file changed, 13 insertions(+), 11 deletions(-)

diff --git a/sbr/fmt_scan.c b/sbr/fmt_scan.c
index ca7f5e8..4d4d633 100644
--- a/sbr/fmt_scan.c
+++ b/sbr/fmt_scan.c
@@ -299,12 +299,13 @@ fmt_trim(char *str, int width)
 char *xp;
 int ljust, i;
 char buffer[BUFSIZ];
+ char *dst;
 
 strncpy(buffer, str, sizeof(buffer));
- buffer[sizeof(buffer)-1] = '\0';
- str = buffer;
- while (isspace(*str)) {
- str++;
+ dst = buffer;
+ dst[sizeof(buffer)-1] = '\0';
+ while (isspace(*dst)) {
+ dst++;
 }
 ljust = 0;
 if ((i = width) < 0) {
@@ -312,17 +313,18 @@ fmt_trim(char *str, int width)
 ljust++;
 }
 
- if (!ljust && i > 0 && (int)strlen(str) > i) {
- str[i] = '\0';
+ if (!ljust && i > 0 && (int)strlen(dst) > i) {
+ dst[i] = '\0';
 }
- xp = str;
- xp += strlen(str) - 1;
- while (xp > str && isspace(*xp)) {
+ xp = dst;
+ xp += strlen(dst) - 1;
+ while (xp > dst && isspace(*xp)) {
 *xp-- = '\0';
 }
- if (ljust && i > 0 && (int)strlen(str) > i) {
- str += strlen(str) - i;
+ if (ljust && i > 0 && (int)strlen(dst) > i) {
+ dst += strlen(dst) - i;
 }
+ strncpy(str, dst, strlen(str) + 1);
 return str;
 }
 
-- 
1.7.10.4
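Review bot: `isspace(*dst)` in the added loop passes a plain `char`, which is undefined behavior for bytes above 0x7f on platforms where `char` is signed. The string presumably comes from message data, so such bytes should be expected; cast before the call: `while (isspace((unsigned char)*dst)) {`. The same applies to `isspace(*xp)` in the second hunk. Input longer than BUFSIZ-1 is also still cut silently by the copy into `buffer`, which deserves a comment at the `strncpy(buffer, ...)` line. fmt_trim()'s body starts before this hunk and continues past it.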
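Review bot: The added `strncpy(str, dst, strlen(str) + 1);` makes fmt_trim() write into its argument, so every caller must now pass writable storage. A string literal or other read-only buffer would fault, and the callers are not visible in this patch. The bound holds only because `dst` is a trimmed piece of a copy of `str` and can never be longer; a one-line comment should state that invariant, or the copy can be written as `memcpy(str, dst, strlen(dst) + 1);`. Separately, `xp += strlen(dst) - 1;` points one element before `buffer` when the input is an empty string, which is undefined. Using `xp = dst + strlen(dst);` with `while (xp > dst && isspace((unsigned char)xp[-1])) *--xp = '\0';` keeps the pointer inside the array.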