Mercurial > hg > early-roguelike

comparison arogue5/main.c @ 66:c56f672244f4

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
arogue5: close security holes. Prevent whoami (player name), file_name, and score_file from being changed if the systemwide save location is being used.
author elwin
date Sat, 11 Aug 2012 16:27:20 +0000
parents a98834ce7e04
children c49f7927b0fa
comparison
equal deleted inserted replaced
65:7aff18a8d508 66:c56f672244f4
90 #endif 90 #endif
91 91
92 if ((env = getenv("ROGUEOPTS")) != NULL) 92 if ((env = getenv("ROGUEOPTS")) != NULL)
93 parse_opts(env); 93 parse_opts(env);
94 94
95 if (whoami[0] == '\0') 95 if (!use_savedir && whoami[0] == '\0')
96 strucpy(whoami, md_getusername(), strlen(md_getusername())); 96 strucpy(whoami, md_getusername(), strlen(md_getusername()));
97 97
98 if (env == NULL || fruit[0] == '\0') { 98 if (env == NULL || fruit[0] == '\0') {
99 md_srand((long)(getpid()+time(0))); 99 md_srand((long)(getpid()+time(0)));
100 strcpy(fruit, funfruit[rnd(NFRUIT)]); 100 strcpy(fruit, funfruit[rnd(NFRUIT)]);
192 if (LINES < 24 || COLS < 80) { 192 if (LINES < 24 || COLS < 80) {
193 printf("\nERROR: screen size to small for rogue\n"); 193 printf("\nERROR: screen size to small for rogue\n");
194 byebye(-1); 194 byebye(-1);
195 } 195 }
196 196
197 if ((whoami == NULL) || (*whoami == '\0') || (strcmp(whoami,"dosuser")==0)) 197 if (!use_savedir) {
198 { 198 if ((whoami == NULL) || (*whoami == '\0') ||
199 echo(); 199 (strcmp(whoami,"dosuser")==0))
200 mvaddstr(23,2,"Rogue's Name? "); 200 {
201 wgetnstr(stdscr,whoami,LINELEN); 201 echo();
202 noecho(); 202 mvaddstr(23,2,"Rogue's Name? ");
203 } 203 wgetnstr(stdscr,whoami,LINELEN);
204 204 noecho();
205 if ((whoami == NULL) || (*whoami == '\0')) 205 }
206 strcpy(whoami,"Rodney"); 206
207 if ((whoami == NULL) || (*whoami == '\0'))
208 strcpy(whoami,"Rodney");
209 }
207 210
208 setup(); 211 setup();
209 /* 212 /*
210 * Set up windows 213 * Set up windows
211 */ 214 */