From eca50970f9576c247d699304232fbd9d25f1bb1a Mon Sep 17 00:00:00 2001 From: Fedja Beader Date: Sat, 31 Aug 2024 20:50:05 +0200 Subject: strcpy/strcat are unsafe --- src/emap/script_buildins.c | 33 ++++++++++++--------------------- 1 file changed, 12 insertions(+), 21 deletions(-) diff --git a/src/emap/script_buildins.c b/src/emap/script_buildins.c index 9acbf7c..f1e02f6 100644 --- a/src/emap/script_buildins.c +++ b/src/emap/script_buildins.c @@ -144,8 +144,6 @@ BUILDIN(restoreCam) BUILDIN(npcTalk3) { - const char *msg; - getSD(); TBL_NPC *nd = map->id2nd(st->oid); @@ -160,40 +158,33 @@ BUILDIN(npcTalk3) if (!str) { - ShowWarning("error in string\n"); + ShowWarning("error obtaining string\n"); script->reportsrc(st); return false; } - if (sd) - msg = lang_pctrans (nd->name, sd); - else - msg = nd->name; + const char *npc_name const = sd ? lang_pctrans (nd->name, sd) + : nd->name; - if (!msg) + if (!npc_name) { - ShowWarning("error in string\n"); + ShowWarning("NPC name missing\n"); script->reportsrc(st); return false; } - if (strlen(str) + strlen(msg) > 450) + + const size_t mlen = strlen(npc_name) + 3 + strlen(str) + 1; + if (mlen > 450+3+1) { ShowWarning("text message too big\n"); script->reportsrc(st); return false; } - if (nd) - { - char message[500]; - char name[500]; - strcpy (name, msg); - strtok(name, "#"); - strcpy (message, name); - strcat (message, " : "); - strcat (message, str); - send_local_message (sd->fd, &(nd->bl), message); - } + char message[mlen]; + snprintf (message, mlen, "%s : %s", npc_name, str); + + send_local_message (sd->fd, &(nd->bl), message); return true; } -- cgit v1.2.3-70-g09d2