From b888adc78493115b32d09da614e61791cc780a47 Mon Sep 17 00:00:00 2001
From: Devin Teske
Date: Wed, 27 Jan 2016 06:21:35 +0000
Subject: [PATCH] Fix a crash if `-D' is used without `-t title' dialog(3)'s dlg_reallocate_gauge(), used both by dialog(3)'s dialog_gauge() and dialog(1)'s `--gauge', will segmentation fault in strlen(3) if no title is set for the widget. Reproducible with `dialog --gauge hi 6 20' (adding `--title ""' is enough to prevent segmentation fault).
MFC after: 3 days
X-MFC-to: stable/10
---
 lib/libdpv/dialog_util.c | 7 +++++++
 1 file changed, 7 insertions(+)
diff --git a/lib/libdpv/dialog_util.c b/lib/libdpv/dialog_util.c
index d047a25e5ae3..267d7a56dfdb 100644
--- a/lib/libdpv/dialog_util.c
+++ b/lib/libdpv/dialog_util.c
@@ -261,6 +261,13 @@ dialog_spawn_gauge(char *init_prompt, pid_t *pid)
 errx(EXIT_FAILURE, "Out of memory?!");
 sprintf(dargv[n++], "--title");
 dargv[n++] = title;
+ } else {
+ if ((dargv[n] = malloc(8)) == NULL)
+ errx(EXIT_FAILURE, "Out of memory?!");
+ sprintf(dargv[n++], "--title");
+ if ((dargv[n] = malloc(8)) == NULL)
+ errx(EXIT_FAILURE, "Out of memory?!");
+ sprintf(dargv[n++], "");
 }
 if (backtitle != NULL) {
 if ((dargv[n] = malloc(12)) == NULL)
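Review bot: In the new else branch, `malloc(8)` is a bare size that exactly fits "--title" plus its NUL in the first allocation and is reused unchanged for the empty string in the second, so the unbounded `sprintf` would write past the heap buffer if the literal were ever lengthened. Sizing from the literal, e.g. `malloc(sizeof("--title"))`, and writing the empty argument with `dargv[n][0] = '\0'; n++;` instead of `sprintf(dargv[n++], "")` (a zero-length format that GCC reports under -Wformat-zero-length) keeps size and contents tied together. Since both branches now emit `--title`, that part could be hoisted above the `if (title != NULL)` test, which starts outside this hunk. A comment such as `/* dialog(1) --gauge crashes in strlen(3) without a title; always pass one */` would keep the workaround from being removed later as dead code.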