diff options
| author | Haru <haru@dotalux.com> | 2018-05-06 17:52:22 +0200 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2018-05-06 17:52:22 +0200 |
| commit | b889108f6dea3e1765681b9eaf4a39a18c24eeec (patch) | |
| tree | 40e2b55d2e4d1f4a38a0a36be7f9920dd9637ce4 /src/map | |
| parent | d6785d389cbee4f34078f6762626ca61b2d6cc25 (diff) | |
| parent | ed8fac40e2d6cbf11b9a4a1a8182cd28871e3e6d (diff) | |
| download | hercules-b889108f6dea3e1765681b9eaf4a39a18c24eeec.tar.gz hercules-b889108f6dea3e1765681b9eaf4a39a18c24eeec.tar.bz2 hercules-b889108f6dea3e1765681b9eaf4a39a18c24eeec.tar.xz hercules-b889108f6dea3e1765681b9eaf4a39a18c24eeec.zip | |
Merge pull request #2028 from 4144/warnings
Fix some possible buffer overflows.
Diffstat (limited to 'src/map')
| -rw-r--r-- | src/map/atcommand.c | 6 | ||||
| -rw-r--r-- | src/map/clif.c | 12 | ||||
| -rw-r--r-- | src/map/map.c | 14 | ||||
| -rw-r--r-- | src/map/map.h | 2 |
4 files changed, 18 insertions, 16 deletions
diff --git a/src/map/atcommand.c b/src/map/atcommand.c index 9deed0098..90ba73fa6 100644 --- a/src/map/atcommand.c +++ b/src/map/atcommand.c @@ -6192,7 +6192,7 @@ ACMD(cleanarea) { *------------------------------------------*/ ACMD(npctalk) { - char name[NAME_LENGTH],mes[100],temp[100]; + char name[NAME_LENGTH], mes[100], temp[200]; struct npc_data *nd; bool ifcolor=(*(info->command + 7) != 'c' && *(info->command + 7) != 'C')?0:1; unsigned int color = 0; @@ -6229,7 +6229,7 @@ ACMD(npctalk) ACMD(pettalk) { - char mes[100],temp[100]; + char mes[100], temp[200]; struct pet_data *pd; if (battle_config.min_chat_delay) { @@ -7034,7 +7034,7 @@ ACMD(homhungry) *------------------------------------------*/ ACMD(homtalk) { - char mes[100],temp[100]; + char mes[100], temp[200]; if (battle_config.min_chat_delay) { if (DIFF_TICK(sd->cantalk_tick, timer->gettick()) > 0) diff --git a/src/map/clif.c b/src/map/clif.c index 47d5a1586..451b1fb17 100644 --- a/src/map/clif.c +++ b/src/map/clif.c @@ -19990,9 +19990,9 @@ void clif_rodex_send_maillist(int fd, struct map_session_data *sd, int8 open_typ } inner->Titlelength = (int16)strlen(msg->title) + 1; if (open_type != RODEX_OPENTYPE_RETURN) { - strncpy(inner->SenderName, msg->sender_name, sizeof(msg->sender_name)); + strncpy(inner->SenderName, msg->sender_name, sizeof(inner->SenderName)); } else { - strncpy(inner->SenderName, msg->receiver_name, sizeof(msg->receiver_name)); + strncpy(inner->SenderName, msg->receiver_name, sizeof(inner->SenderName)); } strncpy(inner->title, msg->title, inner->Titlelength); size += sizeof(*inner) + inner->Titlelength; @@ -20051,9 +20051,9 @@ void clif_rodex_send_mails_all(int fd, struct map_session_data *sd, int64 mail_i } inner->Titlelength = (int16)strlen(msg->title) + 1; if (msg->opentype != RODEX_OPENTYPE_RETURN) { - strncpy(inner->SenderName, msg->sender_name, sizeof(msg->sender_name)); + strncpy(inner->SenderName, msg->sender_name, sizeof(inner->SenderName)); } else { - strncpy(inner->SenderName, msg->receiver_name, sizeof(msg->receiver_name)); + strncpy(inner->SenderName, msg->receiver_name, sizeof(inner->SenderName)); } strncpy(inner->title, msg->title, inner->Titlelength); size += sizeof(*inner) + inner->Titlelength; @@ -20122,9 +20122,9 @@ void clif_rodex_send_refresh(int fd, struct map_session_data *sd, int8 open_type } inner->Titlelength = (int16)strlen(msg->title) + 1; if (open_type != RODEX_OPENTYPE_RETURN) { - strncpy(inner->SenderName, msg->sender_name, sizeof(msg->sender_name)); + strncpy(inner->SenderName, msg->sender_name, sizeof(inner->SenderName)); } else { - strncpy(inner->SenderName, msg->receiver_name, sizeof(msg->receiver_name)); + strncpy(inner->SenderName, msg->receiver_name, sizeof(inner->SenderName)); } strncpy(inner->title, msg->title, inner->Titlelength); size += sizeof(*inner) + inner->Titlelength; diff --git a/src/map/map.c b/src/map/map.c index 90b304865..8386b3c3d 100644 --- a/src/map/map.c +++ b/src/map/map.c @@ -5119,11 +5119,12 @@ bool map_zone_mf_cache(int m, char *flag, char *params) { } } else if (!strcmpi(flag,"adjust_unit_duration")) { int skill_id, k; - char skill_name[MAP_ZONE_MAPFLAG_LENGTH], modifier[MAP_ZONE_MAPFLAG_LENGTH]; - size_t len = strlen(params); + char skill_name[MAX_SKILL_NAME_LENGTH], modifier[MAP_ZONE_MAPFLAG_LENGTH]; + size_t len; modifier[0] = '\0'; - memcpy(skill_name, params, MAP_ZONE_MAPFLAG_LENGTH); + safestrncpy(skill_name, params, MAX_SKILL_NAME_LENGTH); + len = strlen(skill_name); for(k = 0; k < len; k++) { if( skill_name[k] == '\t' ) { @@ -5152,11 +5153,12 @@ bool map_zone_mf_cache(int m, char *flag, char *params) { } } else if (!strcmpi(flag,"adjust_skill_damage")) { int skill_id, k; - char skill_name[MAP_ZONE_MAPFLAG_LENGTH], modifier[MAP_ZONE_MAPFLAG_LENGTH]; - size_t len = strlen(params); + char skill_name[MAX_SKILL_NAME_LENGTH], modifier[MAP_ZONE_MAPFLAG_LENGTH]; + size_t len; modifier[0] = '\0'; - memcpy(skill_name, params, MAP_ZONE_MAPFLAG_LENGTH); + safestrncpy(skill_name, params, MAX_SKILL_NAME_LENGTH); + len = strlen(skill_name); for(k = 0; k < len; k++) { if( skill_name[k] == '\t' ) { diff --git a/src/map/map.h b/src/map/map.h index d6afdc160..0618b0da8 100644 --- a/src/map/map.h +++ b/src/map/map.h @@ -740,7 +740,7 @@ enum map_zone_merge_type { #define MAP_ZONE_BG_NAME "Battlegrounds" #define MAP_ZONE_CVC_NAME "CvC" #define MAP_ZONE_PK_NAME "PK Mode" -#define MAP_ZONE_MAPFLAG_LENGTH 50 +#define MAP_ZONE_MAPFLAG_LENGTH 65 struct map_zone_data { char name[MAP_ZONE_NAME_LENGTH];/* 20'd */ |