From 7206a9ea73d732a061d8089d73997f5ffbacf009 Mon Sep 17 00:00:00 2001
From: Jfreegman <Jfreegman@gmail.com>
Date: Sun, 1 Jun 2014 13:36:23 -0400
Subject: [PATCH] fix another possible buffer overflow

..
---
 src/chat.c       | 5 ++++-
 src/friendlist.c | 6 ++++--
 src/prompt.c     | 4 ++--
 3 files changed, 10 insertions(+), 5 deletions(-)

diff --git a/src/chat.c b/src/chat.c
index 09926d9..603280d 100644
--- a/src/chat.c
+++ b/src/chat.c
@@ -214,8 +214,11 @@ static void chat_onStatusMessageChange(ToxWindow *self, int32_t num, uint8_t *st
         return;
 
     StatusBar *statusbar = self->stb;
+
+    status[len] = '\0';
+    snprintf(statusbar->statusmsg, sizeof(statusbar->statusmsg), "%s", status);
+    len = strlen(statusbar->statusmsg);
     statusbar->statusmsg_len = len;
-    strcpy(statusbar->statusmsg, status);
     statusbar->statusmsg[len] = '\0';
 }
 
diff --git a/src/friendlist.c b/src/friendlist.c
index d8ca16d..108b772 100644
--- a/src/friendlist.c
+++ b/src/friendlist.c
@@ -162,9 +162,11 @@ static void friendlist_onStatusMessageChange(ToxWindow *self, int32_t num, uint8
     if (len > TOX_MAX_STATUSMESSAGE_LENGTH || num >= max_friends_index)
         return;
 
-    strcpy(friends[num].statusmsg, str);
-    friends[num].statusmsg[len] = '\0';
+    str[len] = '\0';
+    snprintf(friends[num].statusmsg, sizeof(friends[num].statusmsg), "%s", str);
+    len = strlen(friends[num].statusmsg);
     friends[num].statusmsg_len = len;
+    friends[num].statusmsg[len] = '\0';
 }
 
 void friendlist_onFriendAdded(ToxWindow *self, Tox *m, int32_t num, bool sort)
diff --git a/src/prompt.c b/src/prompt.c
index 1a9f6cd..bb003c3 100644
--- a/src/prompt.c
+++ b/src/prompt.c
@@ -74,7 +74,7 @@ void prompt_update_nick(ToxWindow *prompt, uint8_t *nick, uint16_t len)
 {
     StatusBar *statusbar = prompt->stb;
     snprintf(statusbar->nick, sizeof(statusbar->nick), "%s", nick);
-    statusbar->nick_len = len;
+    statusbar->nick_len = strlen(statusbar->nick);
 }
 
 /* Updates own statusmessage in prompt statusbar */
@@ -82,7 +82,7 @@ void prompt_update_statusmessage(ToxWindow *prompt, uint8_t *statusmsg, uint16_t
 {
     StatusBar *statusbar = prompt->stb;
     snprintf(statusbar->statusmsg, sizeof(statusbar->statusmsg), "%s", statusmsg);
-    statusbar->statusmsg_len = len;
+    statusbar->statusmsg_len = strlen(statusbar->statusmsg);
 }
 
 /* Updates own status in prompt statusbar */