From 3fb9dc9d059e6c35d974a37417524239d8491fdc Mon Sep 17 00:00:00 2001
From: Alex 'AdUser' Z
Date: Wed, 21 Sep 2016 11:06:28 +1000
Subject: [PATCH] * more checks in f2b_cmsg_extract_args()
---
 src/cmsg.c | 6 ++++++
 t/t_cmsg.c | 8 ++++++++
 2 files changed, 14 insertions(+)
diff --git a/src/cmsg.c b/src/cmsg.c
index 42a66c3..b861772 100644
--- a/src/cmsg.c
+++ b/src/cmsg.c
@@ -21,6 +21,12 @@ f2b_cmsg_extract_args(const f2b_cmsg_t *msg, const char **argv) {
 assert(msg != NULL);
 assert(argv != NULL);
+ if (msg->size == 0)
+ return 0; /* no args */
+
+ if (msg->data[msg->size - 1] != '\0')
+ return -1; /* message data not null-terminated */
+
 for (size_t i = 0; i < msg->size; i++) {
 if (prev == '\0' && msg->data[i] != '\0')
 argv[argc] = &msg->data[i], argc++;
diff --git a/t/t_cmsg.c b/t/t_cmsg.c
index 0d31102..fb87aed 100644
--- a/t/t_cmsg.c
+++ b/t/t_cmsg.c
@@ -20,5 +20,13 @@ int main() {
 assert(memcmp(argv[0], "test1\0", 6) == 0);
 assert(memcmp(argv[1], "test2\0", 6) == 0);
+ /* data not null-terminated */
+ msg.size = 10;
+ memcpy(msg.data, "test1\0test2\n", 10);
+ assert(f2b_cmsg_extract_args(&msg, argv) == -1);
+
+ msg.size = 0;
+ assert(f2b_cmsg_extract_args(&msg, argv) == 0);
+
 return EXIT_SUCCESS;
 }
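Review bot: The new terminator check reads `msg->data[msg->size - 1]` before anything visible in this hunk compares `msg->size` with the capacity of `msg->data`, so a size field larger than the buffer makes both this check and the loop below read out of bounds. If `data` is a fixed-size array inside f2b_cmsg_t (the test's `memcpy` into `msg.data` suggests so) and callers do not already validate the field, add `if (msg->size > sizeof(msg->data)) return -1;` ahead of it. The loop also stores into `argv[argc]` while the signature carries no capacity for `argv`; the function body continues outside the hunk, so a bound may exist there, but it is worth confirming that a message with many short arguments cannot overrun the caller's array. Note too that the two `assert` calls vanish under NDEBUG, so they should not be counted as input validation.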
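Review bot: The unterminated-data case copies only 10 bytes of a 12-character literal, so the `2` and the `\n` never reach the buffer and the byte actually examined is the `t` at index 9; the assertion passes, but the literal misstates what is being checked. A literal whose length equals the size reads more directly, e.g. `memcpy(msg.data, "test1\0test2", 11);` with `msg.size = 11;`. A further case where the data consists only of NUL bytes, which presumably should return 0, would pin the boundary between the two new early returns and the loop.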