From 00c80cb6fcca40cfc421fe3fc181115ac4907191 Mon Sep 17 00:00:00 2001
From: ailin-nemui <ailin-nemui@users.noreply.github.com>
Date: Sat, 7 Oct 2017 20:45:13 +0200
Subject: [PATCH] fix out of bounds read in compress_colors
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Reported by Hanno Böck.

Fixes GL#12
---
 src/fe-common/core/themes.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/src/fe-common/core/themes.c b/src/fe-common/core/themes.c
index 2b1459be..cb1cce8f 100644
--- a/src/fe-common/core/themes.c
+++ b/src/fe-common/core/themes.c
@@ -587,7 +587,7 @@ static char *theme_format_compress_colors(THEME_REC *theme, const char *format)
 			/* a normal character */
 			g_string_append_c(str, *format);
 			format++;
-		} else {
+		} else if (format[1] != '\0') {
 			/* %format */
 			format++;
 			if (IS_OLD_FORMAT(*format, last_fg, last_bg)) {
@@ -614,6 +614,11 @@ static char *theme_format_compress_colors(THEME_REC *theme, const char *format)
 					last_bg = '\0';
 			}
 			format++;
+		} else {
+			/* % at end of string */
+			format++;
+			g_string_append_c(str, '%');
+			g_string_append_c(str, '%');
 		}
 	}