From 40c42543184ebed1957f7213d44944a2f3a2ab7a Mon Sep 17 00:00:00 2001
From: Qualys Security Advisory <qsa@qualys.com>
Date: Thu, 1 Jan 1970 00:00:00 +0000
Subject: [PATCH] pgrep: Always null-terminate the cmd*[] buffers.

Otherwise, man strncpy: "If there is no null byte among the first n
bytes of src, the string placed in dest will not be null-terminated."
---
 pgrep.c | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/pgrep.c b/pgrep.c
index 4199ac44..91ab1414 100644
--- a/pgrep.c
+++ b/pgrep.c
@@ -573,16 +573,18 @@ static struct el * select_procs (int *num)
 
 		if (opt_long || opt_longlong || (match && opt_pattern)) {
 			if (opt_longlong && task.cmdline)
-				strncpy (cmdoutput, cmdline, CMDSTRSIZE);
+				strncpy (cmdoutput, cmdline, sizeof cmdoutput - 1);
 			else
-				strncpy (cmdoutput, task.cmd, CMDSTRSIZE);
+				strncpy (cmdoutput, task.cmd, sizeof cmdoutput - 1);
+			cmdoutput[sizeof cmdoutput - 1] = '\0';
 		}
 
 		if (match && opt_pattern) {
 			if (opt_full && task.cmdline)
-				strncpy (cmdsearch, cmdline, CMDSTRSIZE);
+				strncpy (cmdsearch, cmdline, sizeof cmdsearch - 1);
 			else
-				strncpy (cmdsearch, task.cmd, CMDSTRSIZE);
+				strncpy (cmdsearch, task.cmd, sizeof cmdsearch - 1);
+			cmdsearch[sizeof cmdsearch - 1] = '\0';
 
 			if (regexec (preg, cmdsearch, 0, NULL, 0) != 0)
 				match = 0;
-- 
2.40.0