From 21088fe86a606ebc3293ff0a4293869bdff7ad9c Mon Sep 17 00:00:00 2001 From: "copilot-swe-agent[bot]" <198982749+Copilot@users.noreply.github.com> Date: Wed, 18 Feb 2026 09:01:20 +0000 Subject: [PATCH] Final refinements for security and performance - Add explicit null termination for consistency - Optimize string concatenation to avoid redundant strlen calls - Track actual characters added to maintain O(n) complexity - Improve code clarity with better comments Co-authored-by: squassina <8495707+squassina@users.noreply.github.com> --- src/config/parse_config.h | 17 +++++++++++++---- src/fetch/common.h | 3 ++- 2 files changed, 15 insertions(+), 5 deletions(-) diff --git a/src/config/parse_config.h b/src/config/parse_config.h index 9226fb53..cb1cb36f 100644 --- a/src/config/parse_config.h +++ b/src/config/parse_config.h @@ -601,12 +601,21 @@ static char *combine_args_until_empty(char *values[], int count) { size_t current_len = 0; for (int i = 0; i < first_empty; i++) { if (i > 0 && current_len < total_len) { - strncat(combined, ",", total_len - current_len); - current_len = strlen(combined); + size_t remaining = total_len - current_len; + size_t to_add = (remaining < 1) ? 0 : 1; + if (to_add > 0) { + strncat(combined, ",", remaining); + current_len += to_add; // We know we added 1 character + } } if (current_len < total_len) { - strncat(combined, values[i], total_len - current_len); - current_len = strlen(combined); + size_t remaining = total_len - current_len; + size_t val_len = strlen(values[i]); + size_t to_add = (val_len < remaining) ? val_len : remaining; + if (to_add > 0) { + strncat(combined, values[i], remaining); + current_len += to_add; + } } } diff --git a/src/fetch/common.h b/src/fetch/common.h index dde1c800..18d90232 100644 --- a/src/fetch/common.h +++ b/src/fetch/common.h @@ -77,8 +77,9 @@ void get_layout_abbr(char *abbr, const char *full_name) { abbr[2] = '\0'; } else { // 5. 最终回退:返回 "xx" - // strncpy will null-terminate since source is shorter than buffer + // Explicit null termination for consistency strncpy(abbr, "xx", LAYOUT_ABBR_SIZE - 1); + abbr[LAYOUT_ABBR_SIZE - 1] = '\0'; } }