[src/trunk]: src/usr.bin/msgc fix an off-by-one error (it would put up to max...

[cgd <cgd%NetBSD.org@localhost>]

details:   https://anonhg.NetBSD.org/src/rev/7f655d71bf2b
branches:  trunk
changeset: 473775:7f655d71bf2b
user:      cgd <cgd%NetBSD.org@localhost>
date:      Sat Jun 19 00:00:48 1999 +0000

description:
fix an off-by-one error (it would put up to max_chars plus NUL into the string,
which is one too many).  Also, msgc manual page says that 'def' and 'val'
can be the same string, but the way input was done (characters typed
went directly into val) meant that the contents of 'def' would be corrupted.
If the user backspaced to the beginning of the line and hit return (to accept
the default), they'd get a combination of the old default string and the
new characters they typed.  alloca() a buffer an put new input there to
avoid this problem.

diffstat:

 usr.bin/msgc/msg_sys.def |  22 ++++++++++++----------
 1 files changed, 12 insertions(+), 10 deletions(-)

diffs (52 lines):

diff -r c30a4ed9f5d5 -r 7f655d71bf2b usr.bin/msgc/msg_sys.def
--- a/usr.bin/msgc/msg_sys.def  Fri Jun 18 23:26:40 1999 +0000
+++ b/usr.bin/msgc/msg_sys.def  Sat Jun 19 00:00:48 1999 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: msg_sys.def,v 1.2 1999/04/25 09:10:07 veego Exp $      */
+/*     $NetBSD: msg_sys.def,v 1.3 1999/06/19 00:00:48 cgd Exp $        */
 
 /*
  * Copyright 1997 Piermont Information Systems Inc.
@@ -134,6 +134,7 @@
        int ch;
        int count = 0;
        int y,x;
+       char *ibuf = alloca(max_chars);
 
        msg_vprintf (msg, ap);
        if (def != NULL && *def) {
@@ -157,10 +158,10 @@
                        } else
                                msg_beep ();
                }
-               else if (count < max_chars && isprint(ch)) {
+               else if (count < (max_chars - 1) && isprint(ch)) {
                        if (do_echo)
                                waddch (msg_win, ch);
-                       val[count++] = ch;
+                       ibuf[count++] = ch;
                } else
                        msg_beep ();
                if (do_echo)
@@ -169,13 +170,14 @@
        if (do_echo)
                waddch(msg_win, '\n');
 
-       if (count != 0)
-               val[count] = '\0';
-
-       /* Do a string copy if needed to get default */
-       if (count == 0 && def != NULL && val != def)
-               strncpy (val, def, max_chars);
-
+       /* copy the appropriate string to the output */
+       if (count != 0) {
+               ibuf[count] = '\0';
+               strcpy(val, ibuf);              /* size known to be OK */
+       } else if (val != def) {
+               strncpy(val, def, max_chars);
+               val[max_chars - 1] = '\0';
+       }
 }
 
 void msg_prompt_addstr (char *fmt, char *def, char *val, int max_chars, ...)