Mercurial > hg > early-roguelike
comparison arogue5/main.c @ 310:827441d05b3e
Advanced Rogue family: fix some potential buffer overflows.
Some code for determining the score file location assumed that PATH_MAX
would be less than 1024, which cannot be guaranteed.
Advanced Rogue 5 and 7, and XRogue, have had the buffers for the file
name enlarged. UltraRogue never called the functions, so the code has
been deleted instead.
| author | John "Elwin" Edwards |
|---|---|
| date | Mon, 03 May 2021 19:05:37 -0400 |
| parents | e52a8a7ad4c5 |
| children |
comparison
equal
deleted
inserted
replaced
| 309:11aeff9acc07 | 310:827441d05b3e |
|---|---|
| 59 | 59 |
| 60 /* | 60 /* |
| 61 * get home and options from environment | 61 * get home and options from environment |
| 62 */ | 62 */ |
| 63 strncpy(home,md_gethomedir(),LINELEN); | 63 strncpy(home,md_gethomedir(),LINELEN); |
| 64 home[LINELEN-1] = '\0'; | |
| 64 | 65 |
| 65 #ifdef SAVEDIR | 66 #ifdef SAVEDIR |
| 66 if (argc >= 3 && !strcmp(argv[1], "-n")) { | 67 if (argc >= 3 && !strcmp(argv[1], "-n")) { |
| 67 use_savedir = TRUE; | 68 use_savedir = TRUE; |
| 68 strncpy(whoami, argv[2], LINELEN); | 69 strncpy(whoami, argv[2], LINELEN); |
| 80 strcpy(file_name, home); | 81 strcpy(file_name, home); |
| 81 strcat(file_name, "arogue58.sav"); | 82 strcat(file_name, "arogue58.sav"); |
| 82 } | 83 } |
| 83 | 84 |
| 84 #ifdef SCOREFILE | 85 #ifdef SCOREFILE |
| 85 strncpy(score_file, SCOREFILE, LINELEN); | 86 strncpy(score_file, SCOREFILE, PATH_MAX); |
| 86 score_file[LINELEN - 1] = '\0'; | 87 score_file[PATH_MAX - 1] = '\0'; |
| 87 #else | 88 #else |
| 88 /* Get default score file */ | 89 /* Get default score file */ |
| 89 strcpy(score_file, roguedir); | 90 strcpy(score_file, roguedir); |
| 90 | 91 |
| 91 if (*score_file) | 92 if (*score_file) |