From fb0ef69143fb0105a669fdd65f83c3a2a0a613c3 Mon Sep 17 00:00:00 2001 From: "John \"Elwin\" Edwards" Date: Tue, 19 Oct 2021 20:39:00 -0400 Subject: [PATCH] Advanced Rogue 7: fix a string literal overwrite. pick_spell() attempted to capitalize type by overwriting the first character, changing it back later. All calls of pick_spell passed a string literal as type, and string literals should be considered immutable. This has been fixed by using a separate variable for the capitalized first character. XRogue already has a similar fix. Reported by John Harris of @Play. --- arogue7/player.c | 11 +++++------ 1 file changed, 5 insertions(+), 6 deletions(-) diff --git a/arogue7/player.c b/arogue7/player.c index 55661a0..b481759 100644 --- a/arogue7/player.c +++ b/arogue7/player.c @@ -681,12 +681,13 @@ pick_spell(struct spells spells[], int ability, int num_spells, int power, } else { /* Now display the possible spells */ + /* type_cap is a workaround for code that tried to capitalize type by + * temporarily modifying it in place. */ + char type_cap = toupper(type[0]); wclear(hw); touchwin(hw); wmove(hw, 2, 0); - *type = toupper(*type); - wprintw(hw, " Cost %s", type); - *type = tolower(*type); + wprintw(hw, " Cost %c%s", type_cap, type + 1); mvwaddstr(hw, 3, 0, "-----------------------------------------------"); maxlen = 47; /* Maximum width of header */ @@ -733,9 +734,7 @@ pick_spell(struct spells spells[], int ability, int num_spells, int power, /* Design prompts */ sprintf(label, "Current %s power is %d", type, spell_left); - *type = toupper(*type); - sprintf(title, " Cost %s", type); - *type = tolower(*type); + sprintf(title, " Cost %c%s", type_cap, type + 1); sprintf(prbuf, "Select a %s or press Cancl to continue.", type); /* Set up the main menu structure */