From c4ef955ff1528d10646ca98a331ca9bfbde150f1 Mon Sep 17 00:00:00 2001
From: fedir
Date: Tue, 15 Apr 2025 19:02:36 +0200
Subject: [PATCH] Added a cleaner way of allocating the zenity command.
---
 src/ui-socket.c | 25 +++++++++++++++++--------
 1 file changed, 17 insertions(+), 8 deletions(-)
diff --git a/src/ui-socket.c b/src/ui-socket.c
index 166227b..2c921cc 100644
--- a/src/ui-socket.c
+++ b/src/ui-socket.c
@@ -64,14 +64,23 @@ void destroy_ui_socket(void) {
 */
 access_t ask_access(const char *filename, struct process_info proc_info) {
 FILE *fp = NULL;
- size_t command_len =
- 139 + sizeof(pid_t) * 8 + strlen(proc_info.name) + strlen(filename);
- char *command = (char *)malloc(command_len);
- snprintf(command, command_len,
- "zenity --question --extra-button \"Allow this time\" --title "
- "\"Allow Access?\" --text \"Allow process "
- "%s with PID %d to access %s\"",
- proc_info.name, proc_info.PID, filename);
+ char *command = NULL;
+ int ret =
+ asprintf(&command,
+ "zenity --question --extra-button \"Allow this time\" --title "
+ "\"Allow Access?\" --text \"Allow process "
+ "%s with PID %d to access %s\"",
+ proc_info.name, proc_info.PID, filename);
+
+ if (ret < 0) {
+ // If asprintf fails, the contents of command are undefined (see man
+ // asprintf). That does not explicitly rule out that command will be a valid
+ // pointer. But the risk of freeing a non-allocated pointer is too much to
+ // justify preparing for this.
+ fprintf(stderr, "Could not create query on rule insertion");
+ perror("");
+ return 1;
+ }
 
 // Zenity Question Message Popup
 fp = popen(command, "r");
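Review bot: `filename` and `proc_info.name` are still formatted directly into the string that `popen(command, "r")` hands to the shell, so shell metacharacters in either name (quotes, command substitution) are interpreted by `/bin/sh` rather than displayed in the dialog; moving from snprintf to asprintf does not change that. Both values originate from whichever process triggered the access request and should be treated as untrusted: build the dialog text on its own and pass it as a separate argv entry (`"--text", text`) to `posix_spawnp` or `fork`/`execvp`, instead of going through a shell string. Separately, the new error path `return 1;` returns a bare integer from a function typed `access_t`; the enum is not visible in this hunk, so confirm that 1 is the deny value and return the named constant, so a failed allocation can never be read as an approval. The rest of `ask_access` (reading `fp`, closing it, freeing `command`) lies outside the hunk, so any replacement for `popen` has to be matched there.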