Mercurial > hg > early-roguelike
view srogue/Makefile.in @ 176:db1c9a21a7c3
srogue: prevent overflowing the score file name.
If SCOREFILE is not defined, roguehome() is called to find a directory
for the score file. It copies up to PATH_MAX-20 bytes from an
environment variable to a static buffer. Later these are strcpy()'d to
scorefile, which is of size LINLEN. Unfortunately LINLEN is 80 and
PATH_MAX is at least 256. On Linux, it happens to be 4096.
I haven't yet managed to crash or exploit it, but there are surely no
beneficial consequences, so roguehome() has been modified to check the
length, and the string it returns is also checked in main().
author | John "Elwin" Edwards |
---|---|
date | Sun, 02 Aug 2015 12:14:47 -0400 |
parents | 97f8fdf9595c |
children | a666e4a034ed |
line wrap: on
line source
# Makefile for rogue # %W% (Berkeley) %G% # # Super-Rogue # Copyright (C) 1984 Robert D. Kindelberger # All rights reserved. # # Based on "Rogue: Exploring the Dungeons of Doom" # Copyright (C) 1980, 1981 Michael Toy, Ken Arnold and Glenn Wichman # All rights reserved. # # See the file LICENSE.TXT for full copyright and licensing information. DISTNAME=@PACKAGE_TARNAME@@PACKAGE_VERSION@ PACKAGE_TARNAME=@PACKAGE_TARNAME@-@PACKAGE_VERSION@ PROGRAM=@PROGRAM@ SCOREFILE=@SCOREFILE@ LOGFILE=@LOGFILE@ SAVEDIR=@SAVEDIR@ GROUPOWNER=@GROUPOWNER@ DESTDIR= prefix=@prefix@ exec_prefix=@exec_prefix@ datarootdir=@datarootdir@ bindir=@bindir@ docdir=@docdir@ HDRS= bob.h cx.h ncx.h rdk.h rogue.h config.h OBJS= vers.o armor.o chase.o command.o daemon.o daemons.o disply.o encumb.o \ fight.o global.o init.o io.o list.o main.o mdport.o misc.o monsters.o \ move.o new_leve.o options.o pack.o passages.o potions.o pstats.o \ rings.o rip.o rooms.o save.o scrolls.o state.o sticks.o things.o \ trader.o weapons.o wizard.o xcrypt.o CFILES= vers.c armor.c chase.c command.c daemon.c daemons.c disply.c encumb.c \ fight.c global.c init.c io.c list.c main.c mdport.c misc.c monsters.c \ move.c new_leve.c options.c pack.c passages.c potions.c pstats.c \ rings.c rip.c rooms.c save.c scrolls.c state.c sticks.c things.c \ trader.c weapons.c wizard.c xcrypt.c MISC= Makefile LICENSE.TXT rogue.nr CC = gcc CFLAGS= CPPFLAGS=@DEFS@ CRLIB = -lcurses RM = rm -f TAR = tar INSTALL=@INSTALL@ $(PROGRAM): $(HDRS) $(OBJS) $(CC) $(CFLAGS) $(LDFLAGS) $(OBJS) $(CRLIB) -o $@ tags: $(HDRS) $(CFILES) ctags -u $? ed - tags < :ctfix sort tags -o tags lint: lint -hxbc $(CFILES) $(CRLIB) > linterrs clean: rm -f $(OBJS) core rm -f $(PROGRAM) $(PROGRAM).exe $(PROGRAM) $(PROGRAM).exe $(PROGRAM).tar $(PROGRAM).tar.gz $(PROGRAM).doc install: $(PROGRAM) -touch test -if test ! -f $(DESTDIR)$(SCOREFILE) ; \ then $(INSTALL) -m 0664 test $(DESTDIR)$(SCOREFILE) ; fi -if test "x$(LOGFILE)" != "x" && test ! -f $(DESTDIR)$(LOGFILE) ; then \ $(INSTALL) -m 0664 test $(DESTDIR)$(LOGFILE) ; fi -if test "x$(SAVEDIR)" != "x" && test ! -d $(DESTDIR)$(SAVEDIR) ; then \ mkdir -p $(DESTDIR)$(SAVEDIR) ; fi -$(INSTALL) -m 0755 $(PROGRAM) $(DESTDIR)$(bindir)/$(PROGRAM) -if test "x$(GROUPOWNER)" != "x" ; then \ chgrp $(GROUPOWNER) $(DESTDIR)$(SCOREFILE) ; \ chgrp $(GROUPOWNER) $(DESTDIR)$(LOGFILE) ; \ chgrp $(GROUPOWNER) $(DESTDIR)$(bindir)/$(PROGRAM) ; \ chgrp $(GROUPOWNER) $(DESTDIR)$(SAVEDIR) ; \ chmod 02755 $(DESTDIR)$(bindir)/$(PROGRAM) ; \ chmod 0464 $(DESTDIR)$(SCOREFILE) ; \ chmod 0464 $(DESTDIR)$(LOGFILE) ; \ chmod 0775 $(DESTDIR)$(SAVEDIR) ; \ fi -if test ! -d $(DESTDIR)$(docdir) ; \ then mkdir -p $(DESTDIR)$(docdir) ; fi -$(INSTALL) -m 0644 LICENSE.TXT $(DESTDIR)$(docdir)/LICENSE.TXT -$(INSTALL) -m 0644 rogue.nr $(DESTDIR)$(docdir)/$(PROGRAM).nr -$(RM) test uninstall: -$(RM) $(DESTDIR)$(bindir)/$(PROGRAM) -$(RM) $(DESTDIR)$(docdir)/LICENSE.TXT -$(RM) $(DESTDIR)$(docdir)/$(PROGRAM).nr -rmdir $(DESTDIR)$(docdir) reinstall: uninstall install count: wc -l $(HDRS) $(CFILES) realcount: cc -E $(CFILES) | ssp - | wc -l update: ar uv .SAVE $(CFILES) $(HDRS) $(MISC) dist: @mkdir dist cp $(CFILES) $(HDRS) $(MISC) dist dist.src: make clean tar cf $(DISTNAME)-src.tar $(CFILES) $(HDRS) $(MISC) gzip -f $(DISTNAME)-src.tar dist.irix: make clean make CC=cc CFLAGS="-woff 1116 -O3" $(PROGRAM) tbl rogue.nr | nroff -mm | colcrt - > $(PROGRAM).doc tar cf $(DISTNAME)-irix.tar $(PROGRAM) LICENSE.TXT $(PROGRAM).doc gzip -f $(DISTNAME)-irix.tar debug.aix: make clean make CC=xlc CFLAGS="-qmaxmem=16768 -g -DWIZARD -qstrict" $(PROGRAM) dist.aix: make clean make CC=xlc CFLAGS="-qmaxmem=16768 -O3 -qstrict" $(PROGRAM) tbl rogue.nr | nroff -mm | colcrt - > $(PROGRAM).doc tar cf $(DISTNAME)-aix.tar $(PROGRAM) LICENSE.TXT $(PROGRAM).doc gzip -f $(DISTNAME)-aix.tar debug.linux: make clean make CFLAGS="-g -DWIZARD" $(PROGRAM) dist.linux: make clean make $(PROGRAM) groff -P-c -t -mm -Tascii rogue.nr | sed -e 's/.\x08//g' >$(PROGRAM).doc tar cf $(DISTNAME)-linux.tar $(PROGRAM) LICENSE.TXT $(PROGRAM).doc gzip -f $(DISTNAME)-linux.tar debug.interix: make clean make CFLAGS="-g3 -DWIZARD" $(PROGRAM) dist.interix: make clean make $(PROGRAM) groff -P-b -P-u -t -mm -Tascii rogue.nr > $(PROGRAM).doc tar cf $(DISTNAME)-interix.tar $(PROGRAM) LICENSE.TXT $(PROGRAM).doc gzip -f $(DISTNAME)-interix.tar debug.cygwin: make clean make CFLAGS="-g3 -DWIZARD" $(PROGRAM) dist.cygwin: make clean make $(PROGRAM) groff -P-c -t -mm -Tascii rogue.nr | sed -e 's/.\x08//g' >$(PROGRAM).doc tar cf $(DISTNAME)-cygwin.tar $(PROGRAM).exe LICENSE.TXT $(PROGRAM).doc gzip -f $(DISTNAME)-cygwin.tar debug.djgpp: make clean make CFGLAGS="-g3 -DWIZARD" LDFLAGS="-L$(DJDIR)/LIB" CRLIB="-lpdcurses" $(PROGRAM) dist.djgpp: make clean make LDFLAGS="-L$(DJDIR)/LIB" CRLIB="-lpdcurses" $(PROGRAM) groff -t -mm -Tascii rogue.nr | sed -e 's/.\x08//g' > $(PROGRAM).doc rm -f $(DISTNAME)-djgpp.zip zip $(DISTNAME)-djgpp.zip $(PROGRAM).exe LICENSE.TXT $(PROGRAM).doc