diff options
| author | Haru <haru@dotalux.com> | 2015-12-22 03:29:39 +0100 |
|---|---|---|
| committer | Haru <haru@dotalux.com> | 2015-12-22 04:11:51 +0100 |
| commit | b5021bf40bb1d0a6d38d7b85789703dc12a26180 (patch) | |
| tree | ad1d079c81e01f6a79552fff044f460b15d75632 /src/map/mapreg_sql.c | |
| parent | ce6eafb3ec39bf38384a944531b63abf452c80fe (diff) | |
| download | hercules-b5021bf40bb1d0a6d38d7b85789703dc12a26180.tar.gz hercules-b5021bf40bb1d0a6d38d7b85789703dc12a26180.tar.bz2 hercules-b5021bf40bb1d0a6d38d7b85789703dc12a26180.tar.xz hercules-b5021bf40bb1d0a6d38d7b85789703dc12a26180.zip | |
Ensured 32+1 bytes for all buffers that hold variable names
Related: #865, #866, #867
Signed-off-by: Haru <haru@dotalux.com>
Diffstat (limited to 'src/map/mapreg_sql.c')
| -rw-r--r-- | src/map/mapreg_sql.c | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/src/map/mapreg_sql.c b/src/map/mapreg_sql.c index ddd259651..9bf67196e 100644 --- a/src/map/mapreg_sql.c +++ b/src/map/mapreg_sql.c @@ -94,9 +94,9 @@ bool mapreg_setreg(int64 uid, int val) { m->save = false; m->is_string = false; - if(name[1] != '@' && !mapreg->skip_insert) {// write new variable to database - char tmp_str[32*2+1]; - SQL->EscapeStringLen(map->mysql_handle, tmp_str, name, strnlen(name, 32)); + if (name[1] != '@' && !mapreg->skip_insert) {// write new variable to database + char tmp_str[(SCRIPT_VARNAME_LENGTH+1)*2+1]; + SQL->EscapeStringLen(map->mysql_handle, tmp_str, name, strnlen(name, SCRIPT_VARNAME_LENGTH+1)); if( SQL_ERROR == SQL->Query(map->mysql_handle, "INSERT INTO `%s`(`varname`,`index`,`value`) VALUES ('%s','%d','%d')", mapreg->table, tmp_str, i, val) ) Sql_ShowDebug(map->mysql_handle); } @@ -166,9 +166,9 @@ bool mapreg_setregstr(int64 uid, const char* str) { m->is_string = true; if(name[1] != '@' && !mapreg->skip_insert) { //put returned null, so we must insert. - char tmp_str[32*2+1]; + char tmp_str[(SCRIPT_VARNAME_LENGTH+1)*2+1]; char tmp_str2[255*2+1]; - SQL->EscapeStringLen(map->mysql_handle, tmp_str, name, strnlen(name, 32)); + SQL->EscapeStringLen(map->mysql_handle, tmp_str, name, strnlen(name, SCRIPT_VARNAME_LENGTH+1)); SQL->EscapeStringLen(map->mysql_handle, tmp_str2, str, strnlen(str, 255)); if( SQL_ERROR == SQL->Query(map->mysql_handle, "INSERT INTO `%s`(`varname`,`index`,`value`) VALUES ('%s','%d','%s')", mapreg->table, tmp_str, i, tmp_str2) ) Sql_ShowDebug(map->mysql_handle); @@ -191,7 +191,7 @@ void script_load_mapreg(void) { +-------------------------+ */ SqlStmt* stmt = SQL->StmtMalloc(map->mysql_handle); - char varname[32+1]; + char varname[SCRIPT_VARNAME_LENGTH+1]; int index; char value[255+1]; uint32 length; |