From f4171298280710e8251c50e453da28791b8d9e75 Mon Sep 17 00:00:00 2001 From: Andrei Karas Date: Wed, 29 Oct 2014 21:00:13 +0300 Subject: Fix possible buffer overflow in irc channel name parsing. --- src/map/clif.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'src/map') diff --git a/src/map/clif.c b/src/map/clif.c index b9cd4cbaf..a93bf0802 100644 --- a/src/map/clif.c +++ b/src/map/clif.c @@ -2703,14 +2703,15 @@ void read_channels_config(void) { } else { unsigned char d = 0, dlen = strlen(irc_server); char server[40]; - + if (dlen > 39) + dlen = 39; memset(server, '\0', sizeof(server)); for(d = 0; d < dlen; d++) { if(irc_server[d] == ':') { memcpy(server, irc_server, d); safestrncpy(hChSys.irc_server, server, 40); - memcpy(server, &irc_server[d+1], dlen); + memcpy(server, &irc_server[d+1], dlen - d - 1); hChSys.irc_server_port = atoi(server); break; } -- cgit v1.2.3-70-g09d2