ps/output.c: Always null-terminate outbuf in show_one_proc().

Before "strlen(outbuf)", if one of the pr_*() functions forgot to do it.
This prevents an out-of-bounds read in strlen(), and an out-of-bounds
write in "outbuf[sz] = '\n'". Another solution would be to replace
strlen() with strnlen(), but this is not used anywhere else in the
code-base and may not exist in all libc's.

diff --git a/ps/output.c b/ps/output.c
index a60c98e8eaa3330a70686a246fabde42ad6d8447..e718f198fd5921073824696826df7093c6f20f29 100644 (file)
--- a/ps/output.c
+++ b/ps/output.c
@@ -2120,6 +2120,7 @@ void show_one_proc(const proc_t *restrict const p, const format_node *restrict f
     if(unlikely(space>SPACE_AMOUNT)) space=SPACE_AMOUNT;  // only so much available
 
     /* real size -- don't forget in 'amount' is number of cells */
+    outbuf[OUTBUF_SIZE-1] = '\0';
     sz = strlen(outbuf);
 
     /* print data, set x position stuff */