Guarantee command buffer is a string.

We receive a command from the network and, thus, need to validate it's a
proper string.

diff --git a/message.c b/message.c
index 2074549..1d6c22e 100644 (file)
--- a/message.c
+++ b/message.c
@@ -38,6 +38,8 @@ static void command(char *buffer, size_t len, GSocketAddress *address)
 {
        gchar **args;
        args = g_strsplit(buffer, " ", -1);
+       if (args == NULL)
+               return;
        menu_run(args, address);
        g_strfreev(args);
 }
@@ -55,8 +57,9 @@ gboolean message_incoming(GIOChannel *channel, GIOCondition cond, gpointer data)
        if (len <= 0) {
                goto out;
        }
-       buffer = g_malloc(len);
+       buffer = g_malloc(len + 1);
        len = g_socket_receive_from(gusock, &address, buffer, len, NULL, NULL);
+       buffer[len] = 0;
        iaddress = g_inet_socket_address_get_address(G_INET_SOCKET_ADDRESS(address));
        if (g_inet_address_get_is_loopback(iaddress)) {
                command(buffer, len, address);