From d21fbe0b2ff82b420a6b60748209bb41355f97c0 Mon Sep 17 00:00:00 2001
From: philsmd <philsmd@hashcat.net>
Date: Wed, 15 Feb 2017 13:45:02 +0100
Subject: [PATCH] tainted string: test #2, try to limit the length of the
 compute variable

---
 src/shared.c | 12 ++++++------
 1 file changed, 6 insertions(+), 6 deletions(-)

diff --git a/src/shared.c b/src/shared.c
index f6d4bbfa2..7c86a8912 100644
--- a/src/shared.c
+++ b/src/shared.c
@@ -258,18 +258,18 @@ void setup_environment_variables ()
   {
     static char display[100];
 
-    snprintf (display, sizeof (display) - 1, "DISPLAY=%s", compute);
+    u32 compute_len_max = sizeof (display);
 
     // we only use this check to avoid "tainted string" warnings
 
-    u32 display_len_max = sizeof (display);
+    u32 compute_len = strnlen (compute, compute_len_max);
 
-    u32 display_len = strnlen (display, display_len_max);
-
-    if (display_len > 0) // should be always true
+    if (compute_len > 0) // should be always true
     {
-      if (display_len < display_len_max) // some upper bound is always good
+      if (compute_len < compute_len_max) // some upper bound is always good
       {
+        snprintf (display, compute_len_max, "DISPLAY=%s", compute);
+
         putenv (display);
       }
     }