Mercurial > hg > early-roguelike
diff xrogue/main.c @ 310:827441d05b3e
Advanced Rogue family: fix some potential buffer overflows.
Some code for determining the score file location assumed that PATH_MAX
would be less than 1024, which cannot be guaranteed.
Advanced Rogue 5 and 7, and XRogue, have had the buffers for the file
name enlarged. UltraRogue never called the functions, so the code has
been deleted instead.
author | John "Elwin" Edwards |
---|---|
date | Mon, 03 May 2021 19:05:37 -0400 |
parents | e52a8a7ad4c5 |
children |
line wrap: on
line diff
--- a/xrogue/main.c Sun May 02 21:54:11 2021 -0400 +++ b/xrogue/main.c Mon May 03 19:05:37 2021 -0400 @@ -20,6 +20,7 @@ #include <string.h> #include <curses.h> #include <signal.h> +#include <limits.h> #include <time.h> #include "mach_dep.h" @@ -44,6 +45,7 @@ */ strncpy(home, md_gethomedir(), LINELEN); + home[LINELEN-1] = '\0'; /* Get default save file */ strcpy(file_name, home); @@ -51,8 +53,8 @@ /* Get default score file */ #ifdef SCOREFILE - strncpy(score_file, SCOREFILE, LINELEN); - score_file[LINELEN-1] = '\0'; + strncpy(score_file, SCOREFILE, PATH_MAX); + score_file[PATH_MAX-1] = '\0'; #else strcpy(score_file, md_getroguedir());