summaryrefslogtreecommitdiff
path: root/src/char
diff options
context:
space:
mode:
authorshennetsind <ind@henn.et>2015-01-17 15:59:12 -0200
committershennetsind <ind@henn.et>2015-01-17 15:59:12 -0200
commit84b88781a0c39f7379ed85f74dc03c4e868a171f (patch)
tree41f0392d7d872fb038b42ddc82bde56be4582e47 /src/char
parent36fa0940d5c97457f7093d81e7d298c88dac14af (diff)
downloadhercules-84b88781a0c39f7379ed85f74dc03c4e868a171f.tar.gz
hercules-84b88781a0c39f7379ed85f74dc03c4e868a171f.tar.bz2
hercules-84b88781a0c39f7379ed85f74dc03c4e868a171f.tar.xz
hercules-84b88781a0c39f7379ed85f74dc03c4e868a171f.zip
10 Distinct fixes
Addressing out of bounds read-write. Special Thanks to 4144, Haruna! Signed-off-by: shennetsind <ind@henn.et>
Diffstat (limited to 'src/char')
-rw-r--r--src/char/pincode.c10
1 files changed, 5 insertions, 5 deletions
diff --git a/src/char/pincode.c b/src/char/pincode.c
index a3843ff53..e0ee9557d 100644
--- a/src/char/pincode.c
+++ b/src/char/pincode.c
@@ -44,7 +44,7 @@ void pincode_handle ( int fd, struct char_session_data* sd ) {
void pincode_check(int fd, struct char_session_data* sd) {
char pin[5] = "\0\0\0\0";
- strncpy(pin, (char*)RFIFOP(fd, 6), 4+1);
+ safestrncpy(pin, (char*)RFIFOP(fd, 6), sizeof(pin));
pincode->decrypt(sd->pincode_seed, pin);
if( pincode->compare( fd, sd, pin ) ){
struct online_char_data* character;
@@ -70,12 +70,12 @@ int pincode_compare(int fd, struct char_session_data* sd, char* pin) {
void pincode_change(int fd, struct char_session_data* sd) {
char oldpin[5] = "\0\0\0\0", newpin[5] = "\0\0\0\0";
- strncpy(oldpin, (char*)RFIFOP(fd,6), sizeof(oldpin));
+ safestrncpy(oldpin, (char*)RFIFOP(fd,6), sizeof(oldpin));
pincode->decrypt(sd->pincode_seed,oldpin);
if( !pincode->compare( fd, sd, oldpin ) )
return;
- strncpy(newpin, (char*)RFIFOP(fd,10), sizeof(newpin));
+ safestrncpy(newpin, (char*)RFIFOP(fd,10), sizeof(newpin));
pincode->decrypt(sd->pincode_seed,newpin);
pincode->update( sd->account_id, newpin );
strncpy(sd->pincode, newpin, sizeof(sd->pincode));
@@ -85,10 +85,10 @@ void pincode_change(int fd, struct char_session_data* sd) {
void pincode_setnew(int fd, struct char_session_data* sd) {
char newpin[5] = "\0\0\0\0";
- strncpy(newpin, (char*)RFIFOP(fd,6), sizeof(newpin));
+ safestrncpy(newpin, (char*)RFIFOP(fd,6), sizeof(newpin));
pincode->decrypt(sd->pincode_seed,newpin);
pincode->update( sd->account_id, newpin );
- strncpy(sd->pincode, newpin, sizeof(sd->pincode));
+ safestrncpy(sd->pincode, newpin, sizeof(sd->pincode));
pincode->sendstate( fd, sd, PINCODE_ASK );
}