[settings] Avoid overwriting the start of .text in fetch_string_setting()

fetch_string_setting() was subtracting one from the length of the
to-be-NUL-terminated buffer in order to obtain the length of the
unterminated buffer to be passed to fetch_setting().  This works
extremely well unless the length of the to-be-NUL-terminated buffer is
zero, at which point we end up giving fetch_setting() a buffer of
length -1UL, thereby inviting it to overwrite as much memory as it
wants...

diff --git a/src/core/settings.c b/src/core/settings.c
index 7525318..e660ae7 100644 (file)
--- a/src/core/settings.c
+++ b/src/core/settings.c
@@ -381,7 +381,8 @@ int fetch_setting_len ( struct settings *settings, struct setting *setting ) {
 int fetch_string_setting ( struct settings *settings, struct setting *setting,
                           char *data, size_t len ) {
        memset ( data, 0, len );
-       return fetch_setting ( settings, setting, data, ( len - 1 ) );
+       return fetch_setting ( settings, setting, data,
+                              ( ( len > 0 ) ? ( len - 1 ) : 0 ) );
 }
 
 /**