Mercurial > hg > early-roguelike

comparison arogue5/mdport.c @ 310:827441d05b3e

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
Advanced Rogue family: fix some potential buffer overflows. Some code for determining the score file location assumed that PATH_MAX would be less than 1024, which cannot be guaranteed. Advanced Rogue 5 and 7, and XRogue, have had the buffers for the file name enlarged. UltraRogue never called the functions, so the code has been deleted instead.
author John "Elwin" Edwards
date Mon, 03 May 2021 19:05:37 -0400
parents e52a8a7ad4c5
children
comparison
equal deleted inserted replaced
309:11aeff9acc07 310:827441d05b3e
416 } 416 }
417 417
418 char * 418 char *
419 md_getroguedir(void) 419 md_getroguedir(void)
420 { 420 {
421 static char path[1024]; 421 static char path[PATH_MAX-20];
422 char *end,*home; 422 char *end,*home;
423 423
424 if ( (home = getenv("ROGUEHOME")) != NULL) 424 if ( (home = getenv("ROGUEHOME")) != NULL)
425 { 425 {
426 if (*home) 426 if (*home)
427 { 427 {
428 strncpy(path, home, PATH_MAX - 20); 428 strncpy(path, home, PATH_MAX - 20);
429 429
430 end = &path[strlen(path)-1]; 430 if (path[PATH_MAX-21] == '\0')
431 431 {
432 while( (end >= path) && ((*end == '/') || (*end == '\\'))) 432
433 *end-- = '\0'; 433 end = &path[strlen(path)-1];
434 434
435 if (directory_exists(path)) 435 while( (end >= path) && ((*end == '/') || (*end == '\\')))
436 return(path); 436 *end-- = '\0';
437
438 if (directory_exists(path))
439 return(path);
440 }
437 } 441 }
438 } 442 }
439 443
440 if (directory_exists("/var/games/roguelike")) 444 if (directory_exists("/var/games/roguelike"))
441 return("/var/games/roguelike"); 445 return("/var/games/roguelike");