fixed a few buffer overruns

strncpy does not always terminate strings. Unterminated strings (without a length) are bad. So better terminate them.
author: Helmut Grohne <helmut@subdivi.de> 2010-01-19 20:24:19 +0100
committer: Jared Adams <jaxad0127@gmail.com> 2010-01-19 18:39:39 +0000
commit: 67e82f1a0bc2a9078cfe11e0add190fa7cc4b891 (patch)
tree: ec2f2134d4c6b1a037c18fb65bdd3ef18a4efb8e /src/map/clif.c
parent: abe96e3b05a99a984d6f00098f1aa9759814b542 (diff)
download: tmwa-67e82f1a0bc2a9078cfe11e0add190fa7cc4b891.tar.gz
tmwa-67e82f1a0bc2a9078cfe11e0add190fa7cc4b891.tar.bz2
tmwa-67e82f1a0bc2a9078cfe11e0add190fa7cc4b891.tar.xz
tmwa-67e82f1a0bc2a9078cfe11e0add190fa7cc4b891.zip
1 files changed, 2 insertions, 2 deletions
diff --git a/src/map/clif.c b/src/map/clif.c
index c3099d7..86be79c 100644
--- a/src/map/clif.c
+++ b/src/map/clif.c
@@ -8204,14 +8204,14 @@ void clif_parse_NpcStringInput (int fd, struct map_session_data *sd)
 
     len = RFIFOW (fd, 2) - 7;
 
-    if (len >= sizeof (sd->npc_str))
+    if (len >= sizeof (sd->npc_str)-1)
     {
         printf ("clif: input string too long !\n");
         memcpy (sd->npc_str, RFIFOP (fd, 8), sizeof (sd->npc_str));
-        sd->npc_str[sizeof (sd->npc_str) - 1] = 0;
     }
     else
         strncpy (sd->npc_str, RFIFOP (fd, 8), len);
+    sd->npc_str[sizeof (sd->npc_str) - 1] = 0;
     map_scriptcont (sd, RFIFOL (fd, 4));
 }
author	Helmut Grohne <helmut@subdivi.de>	2010-01-19 20:24:19 +0100
committer	Jared Adams <jaxad0127@gmail.com>	2010-01-19 18:39:39 +0000
commit	67e82f1a0bc2a9078cfe11e0add190fa7cc4b891 (patch)
tree	ec2f2134d4c6b1a037c18fb65bdd3ef18a4efb8e /src/map/clif.c
parent	abe96e3b05a99a984d6f00098f1aa9759814b542 (diff)
download	tmwa-67e82f1a0bc2a9078cfe11e0add190fa7cc4b891.tar.gz tmwa-67e82f1a0bc2a9078cfe11e0add190fa7cc4b891.tar.bz2 tmwa-67e82f1a0bc2a9078cfe11e0add190fa7cc4b891.tar.xz tmwa-67e82f1a0bc2a9078cfe11e0add190fa7cc4b891.zip