From d1e1521a88ef7de6275603d238d45460cd3ce227 Mon Sep 17 00:00:00 2001
From: Christophe CURIS <christophe.curis@free.fr>
Date: Sat, 15 Nov 2014 19:40:59 +0100
Subject: [PATCH] WPrefs: fix possible buffer overrun (Coverity #50216)

As pointed by Coverity, if the Keysym name is very long and many modifiers
are used, the function 'capture_shortcut' could overflow its internal
buffer.

As the case is very unlikely to appear, do not increase the size of the internal
buffer (it seems to be already well sized, and we have no know maximum size
for a Keysym name), just use the appropriate function to append the name
at the end.

Signed-off-by: Christophe CURIS <christophe.curis@free.fr>
Signed-off-by: Carlos R. Mafra <crmafra@gmail.com>
---
 WPrefs.app/KeyboardShortcuts.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/WPrefs.app/KeyboardShortcuts.c b/WPrefs.app/KeyboardShortcuts.c
index 418b2397..414d479f 100644
--- a/WPrefs.app/KeyboardShortcuts.c
+++ b/WPrefs.app/KeyboardShortcuts.c
@@ -356,7 +356,7 @@ char *capture_shortcut(Display *dpy, Bool *capturing, Bool convert_case)
 	if ((numlock_mask != Mod5Mask) && (ev.xkey.state & Mod5Mask))
 		strcat(buffer, "Mod5+");
 
-	strcat(buffer, key);
+	wstrlcat(buffer, key, sizeof(buffer));
 
 	return wstrdup(buffer);
 }