From de51c9830a075eba1d964b787ac48236f37eaafb Mon Sep 17 00:00:00 2001
From: Tom MTT <tom@heimdall.pm>
Date: Mon, 21 Nov 2022 19:31:20 +0100
Subject: [PATCH] fix(bin.c): safer generate_id()

set next byte of ID to zero each time a new character is appended to
prevent undefined behaviours.
---
 bin.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)

diff --git a/bin.c b/bin.c
index f5d5801..df35119 100644
--- a/bin.c
+++ b/bin.c
@@ -34,7 +34,7 @@ char *generate_id(int min_length)
 
     /* allocate a buffer to store the ID */
     char *buffer;
-    if ((buffer = calloc(length + 1, sizeof(char))) == NULL)
+    if ((buffer = malloc((length + 1) * sizeof(char))) == NULL)
         return NULL;
 
     /* for each letter, generate a random one */
@@ -43,6 +43,7 @@ char *generate_id(int min_length)
             return NULL;
 
         buffer[i]     = id_symbols[rand() % strlen(id_symbols)];
+        buffer[i + 1] = 0;
 
         /* collision? */
         if (i == length - 1 && paste_exists(buffer)) {
@@ -54,12 +55,10 @@ char *generate_id(int min_length)
                 free(buffer);
                 return NULL;
             }
-
             buffer = tmp;
         }
     }
 
-    buffer[length] = 0;
     return buffer;
 }