diff options
| author | Helmut Grohne <helmut@subdivi.de> | 2010-01-19 20:24:19 +0100 |
|---|---|---|
| committer | Jared Adams <jaxad0127@gmail.com> | 2010-01-19 18:39:39 +0000 |
| commit | 67e82f1a0bc2a9078cfe11e0add190fa7cc4b891 (patch) | |
| tree | ec2f2134d4c6b1a037c18fb65bdd3ef18a4efb8e /src/map/script.c | |
| parent | abe96e3b05a99a984d6f00098f1aa9759814b542 (diff) | |
| download | tmwa-67e82f1a0bc2a9078cfe11e0add190fa7cc4b891.tar.gz tmwa-67e82f1a0bc2a9078cfe11e0add190fa7cc4b891.tar.bz2 tmwa-67e82f1a0bc2a9078cfe11e0add190fa7cc4b891.tar.xz tmwa-67e82f1a0bc2a9078cfe11e0add190fa7cc4b891.zip | |
fixed a few buffer overruns
strncpy does not always terminate strings. Unterminated strings
(without a length) are bad. So better terminate them.
Diffstat (limited to 'src/map/script.c')
| -rw-r--r-- | src/map/script.c | 7 |
1 files changed, 4 insertions, 3 deletions
diff --git a/src/map/script.c b/src/map/script.c index bbde20c..03a092e 100644 --- a/src/map/script.c +++ b/src/map/script.c @@ -5691,7 +5691,7 @@ int buildin_getcastlename (struct script_state *st) if (strcmp (mapname, gc->map_name) == 0) { buf = (char *) aCalloc (24, sizeof (char)); - strncpy (buf, gc->castle_name, 24); + strncpy (buf, gc->castle_name, 23); break; } } @@ -6942,10 +6942,10 @@ int buildin_getsavepoint (struct script_state *st) x = sd->status.save_point.x; y = sd->status.save_point.y; - strncpy (mapname, sd->status.save_point.map, 24); switch (type) { case 0: + strncpy (mapname, sd->status.save_point.map, 23); push_str (st->stack, C_STR, mapname); break; case 1: @@ -7068,7 +7068,8 @@ int buildin_fakenpcname (struct script_state *st) nd = npc_name2id (name); if (!nd) return 1; - strncpy (nd->name, newname, 24); + strncpy (nd->name, newname, sizeof(nd->name)-1); + nd->name[sizeof(nd->name)-1] = '\0'; nd->class = newsprite; // Refresh this npc |