From 9f700e7d761cd2ebc58ec800ca5be9cc3aa424e8 Mon Sep 17 00:00:00 2001
From: Mamoru TASAKA <mtasaka@fedoraproject.org>
Date: Mon, 15 Sep 2014 21:55:06 +0900
Subject: [PATCH] demo-Gtk-conf/de_stringify: fix memmove usage

gcc sanitizer detected the following error on xscreensaver-demo:

==29615==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x6030001b51ef at pc 0x444a4d bp 0x7fff8ad132d0 sp 0x7fff8ad132c0
READ of size 1 at 0x6030001b51ef thread T0
    #0 0x444a4c in memmove /usr/include/bits/string3.h:57
    #1 0x444a4c in de_stringify ../../driver/demo-Gtk-conf.c:1172
    #2 0x444a4c in tokenize_command_line ../../driver/demo-Gtk-conf.c:1400
    #3 0x444a4c in parse_command_line_into_parameters ../../driver/demo-Gtk-conf.c:1423
    #4 0x44bd85 in load_configurator_1 ../../driver/demo-Gtk-conf.c:1863
    #5 0x44c5ca in load_configurator ../../driver/demo-Gtk-conf.c:1934
    #6 0x42f778 in populate_popup_window ../../driver/demo-Gtk.c:2984
    #7 0x437dfc in list_select_changed_cb ../../driver/demo-Gtk.c:1939
....
....

In de_stringify, char *s has strlen(s) + 1 valid bytes (including the null terminator),
so s + 1 has strlen(s) valid bytes, not strlen(s) + 1.
Fix the memmove arguments accordingly.
---
 driver/demo-Gtk-conf.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/driver/demo-Gtk-conf.c b/driver/demo-Gtk-conf.c
index 2f03a12..ab6fdd8 100644
--- a/driver/demo-Gtk-conf.c
+++ b/driver/demo-Gtk-conf.c
@@ -1169,7 +1169,7 @@ de_stringify (char *s)
   char q = s[0];
   if (q != '\'' && q != '\"' && q != '`')
     abort();
-  memmove (s, s+1, strlen (s)+1);
+  memmove (s, s+1, strlen (s));
   while (*s && *s != q)
     {
       if (*s == '\\')
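Review bot: the new count strlen (s) is correct, but it reads as a coincidence rather than as the intended "tail plus its terminator"; writing the same call as `memmove (s, s+1, strlen (s+1) + 1);` states that directly and makes the one-byte over-read of the old line obvious on comparison. A short comment above the memmove noting that the opening quote at s[0] is being dropped would also help, since the `while (*s && *s != q)` loop that follows silently depends on the shift having happened.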
-- 
2.1.0
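As an added example, not part of the patch or of xscreensaver, the following C program makes the byte-count argument in the commit message concrete. It copies a quoted string into a buffer of exactly strlen + 1 bytes (an assumption consistent with the one-byte heap over-read in the sanitizer report), computes how far the old and new memmove lengths reach past that buffer, and applies the corrected shift. The helpers copy_string, memmove_overread, drop_first_char and the sample input "'foo bar'" are constructed for this illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Heap copy sized exactly strlen(src) + 1, the tightest allocation a
   string like the one in the report could have (assumed, not taken from
   xscreensaver). Caller frees. */
static char *copy_string(const char *src)
{
    size_t n = strlen(src) + 1;
    char *p = malloc(n);
    if (p == NULL)
        abort();
    memcpy(p, src, n);
    return p;
}

/* Corrected in-place shift from the patch: s+1 holds strlen(s) bytes
   (the tail plus its NUL), so strlen(s) is the exact count to move. */
static void drop_first_char(char *s)
{
    memmove(s, s + 1, strlen(s));
}

/* Bytes that memmove(dst, src, n) would read past a buffer of cap bytes
   starting at buf; 0 means the source range is in bounds. This is the
   same range check AddressSanitizer performs on the call. */
static size_t memmove_overread(const char *buf, size_t cap,
                               const char *src, size_t n)
{
    size_t end = (size_t)(src - buf) + n;
    return end > cap ? end - cap : 0;
}

/* Over-read of the pre-patch length, strlen(s) + 1. */
size_t old_length_overread(const char *quoted)
{
    char *s = copy_string(quoted);
    size_t cap = strlen(s) + 1;
    size_t over = memmove_overread(s, cap, s + 1, strlen(s) + 1);
    free(s);
    return over;
}

/* Over-read of the patched length, strlen(s). */
size_t new_length_overread(const char *quoted)
{
    char *s = copy_string(quoted);
    size_t cap = strlen(s) + 1;
    size_t over = memmove_overread(s, cap, s + 1, strlen(s));
    free(s);
    return over;
}

/* Apply the fixed shift to a copy and return it; caller frees. */
char *dropped(const char *quoted)
{
    char *s = copy_string(quoted);
    drop_first_char(s);
    return s;
}

int main(void)
{
    const char *sample = "'foo bar'";   /* constructed input */
    printf("old length over-reads by %zu byte(s)\n",
           old_length_overread(sample));
    printf("new length over-reads by %zu byte(s)\n",
           new_length_overread(sample));
    char *d = dropped(sample);
    printf("after shift: %s\n", d);
    free(d);
    return 0;
}
```

The over-read is exactly one byte for any input length, which matches the "READ of size 1" in the report: the old length counts the terminator twice, once inside strlen(s) and once in the "+1", while the source pointer has already moved one byte into the buffer.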