Merge changes from NetHack-3.6 into NetHack-3.7-Jan2020

This commit is contained in:
nhmall
2020-01-14 09:28:38 -05:00
3 changed files with 52 additions and 43 deletions

View File

@@ -1,14 +1,16 @@
$NHDT-Branch: NetHack-3.6 $:$NHDT-Revision: 1.0 $ $NHDT-Date: 1576705788 2019/12/18 21:49:48 $
$NHDT-Branch: NetHack-3.6 $:$NHDT-Revision: 1.3 $ $NHDT-Date: 1578996303 2020/01/14 10:05:03 $
fixes36.5 contains a terse summary of changes made to 3.6.4 in order to
produce 3.6.5 as well as any post-release fixes in binaries.
This fixes36.5 file is here to capture information about updates in the 3.6.x
lineage following the release of 3.6.4 in December 2019. Please note, however,
that another 3.6.x release is not anticipated, and most developer
focus will shift to the next major release.
General Fixes and Modified Features
-----------------------------------
have string_for_opt() return empty_optstr on failure
ensure existing callers of string_for_opt() check the return value before using it
ensure existing callers of string_for_opt() check return value before using it
fix potential buffer overflow in add_menu_coloring()
fix potential buffer overflow in sym_val()
fix potential buffer overflow in pline(), raw_printf(), and config_error_add()
Fixes to Post-3.6.4 Problems that Were Exposed Via git Repository
@@ -22,12 +24,5 @@ Windows OPTIONS=map_mode:fit_to_screen could cause a game start failure
General New Features
--------------------
NetHack Community Patches (or Variation) Included
-------------------------------------------------
Code Cleanup and Reorganization
-------------------------------
none

View File

@@ -1,4 +1,4 @@
/* NetHack 3.7 options.c $NHDT-Date: 1577050473 2019/12/22 21:34:33 $ $NHDT-Branch: NetHack-3.7 $:$NHDT-Revision: 1.422 $ */
/* NetHack 3.7 options.c $NHDT-Date: 1578996303 2020/01/14 10:05:03 $ $NHDT-Branch: NetHack-3.6 $:$NHDT-Revision: 1.396 $ */
/* Copyright (c) Stichting Mathematisch Centrum, Amsterdam, 1985. */
/*-Copyright (c) Michael Allison, 2008. */
/* NetHack may be freely redistributed. See license for details. */
@@ -42,7 +42,7 @@ enum window_option_types {
#define PILE_LIMIT_DFLT 5
static char empty_optstr[] = {0};
static char empty_optstr[] = { '\0' };
/*
* NOTE: If you add (or delete) an option, please update the short
@@ -929,8 +929,8 @@ int maxlen;
*/
static void
escapes(cp, tp)
const char *cp;
char *tp;
const char *cp; /* might be 'tp', updating in place */
char *tp; /* result is never longer than 'cp' */
{
static NEARDATA const char oct[] = "01234567", dec[] = "0123456789",
hex[] = "00112233445566778899aAbBcCdDeEfF";
@@ -1808,15 +1808,16 @@ int c, a;
/* parse '"regex_string"=color&attr' and add it to menucoloring */
boolean
add_menu_coloring(tmpstr)
char *tmpstr;
char *tmpstr; /* never Null but could be empty */
{
int c = NO_COLOR, a = ATR_NONE;
char *tmps, *cs, *amp;
char str[BUFSZ];
Sprintf(str, "%s", tmpstr);
(void) strncpy(str, tmpstr, sizeof str - 1);
str[sizeof str - 1] = '\0';
if (!tmpstr || (cs = index(str, '=')) == 0) {
if ((cs = index(str, '=')) == 0) {
config_error_add("Malformed MENUCOLOR");
return FALSE;
}
@@ -2507,7 +2508,8 @@ boolean tinitial, tfrom_file;
config_error_add("Unknown %s parameter '%s'", fullname, opts);
return FALSE;
}
if (opttype > 0 && (op = string_for_opt(opts, FALSE)) != empty_optstr) {
if (opttype > 0
&& (op = string_for_opt(opts, FALSE)) != empty_optstr) {
wc_set_font_name(opttype, op);
#ifdef MAC
set_font_name(opttype, op);
@@ -2607,7 +2609,6 @@ boolean tinitial, tfrom_file;
if (match_optname(opts, "fruit", 2, TRUE)) {
struct fruit *forig = 0;
char empty_str = '\0';
if (duplicate)
complain_about_duplicate(opts, 1);
@@ -2622,7 +2623,7 @@ boolean tinitial, tfrom_file;
}
if (op == empty_optstr)
return FALSE;
/* stripped leading and trailing spaces, condensed internal ones in 3.6.2 */
/* strip leading/trailing spaces, condense internal ones (3.6.2) */
mungspaces(op);
if (!g.opt_initial) {
struct fruit *f;
@@ -3081,7 +3082,8 @@ boolean tinitial, tfrom_file;
if (duplicate)
complain_about_duplicate(opts, 1);
op = string_for_opt(opts, negated);
if ((negated && op == empty_optstr) || (!negated && op != empty_optstr))
if ((negated && op == empty_optstr)
|| (!negated && op != empty_optstr))
flags.pile_limit = negated ? 0 : atoi(op);
else if (negated) {
bad_negation(fullname, TRUE);
@@ -3180,7 +3182,8 @@ boolean tinitial, tfrom_file;
}
/* "disclose" without a value means "all with prompting"
and negated means "none without prompting" */
if (op == empty_optstr || !strcmpi(op, "all") || !strcmpi(op, "none")) {
if (op == empty_optstr
|| !strcmpi(op, "all") || !strcmpi(op, "none")) {
if (op != empty_optstr && !strcmpi(op, "none"))
negated = TRUE;
for (num = 0; num < NUM_DISCLOSURE_OPTIONS; num++)
@@ -3453,7 +3456,8 @@ boolean tinitial, tfrom_file;
if (duplicate)
complain_about_duplicate(opts, 1);
op = string_for_opt(opts, negated);
if ((negated && op == empty_optstr) || (!negated && op != empty_optstr)) {
if ((negated && op == empty_optstr)
|| (!negated && op != empty_optstr)) {
iflags.wc_scroll_amount = negated ? 1 : atoi(op);
} else if (negated) {
bad_negation(fullname, TRUE);
@@ -3469,7 +3473,8 @@ boolean tinitial, tfrom_file;
if (duplicate)
complain_about_duplicate(opts, 1);
op = string_for_opt(opts, negated);
if ((negated && op == empty_optstr) || (!negated && op != empty_optstr)) {
if ((negated && op == empty_optstr)
|| (!negated && op != empty_optstr)) {
iflags.wc_scroll_margin = negated ? 5 : atoi(op);
} else if (negated) {
bad_negation(fullname, TRUE);
@@ -3504,7 +3509,8 @@ boolean tinitial, tfrom_file;
if (duplicate)
complain_about_duplicate(opts, 1);
op = string_for_opt(opts, negated);
if ((negated && op == empty_optstr) || (!negated && op != empty_optstr)) {
if ((negated && op == empty_optstr)
|| (!negated && op != empty_optstr)) {
iflags.wc_tile_width = negated ? 0 : atoi(op);
} else if (negated) {
bad_negation(fullname, TRUE);
@@ -3533,7 +3539,8 @@ boolean tinitial, tfrom_file;
if (duplicate)
complain_about_duplicate(opts, 1);
op = string_for_opt(opts, negated);
if ((negated && op == empty_optstr) || (!negated && op != empty_optstr)) {
if ((negated && op == empty_optstr)
|| (!negated && op != empty_optstr)) {
iflags.wc_tile_height = negated ? 0 : atoi(op);
} else if (negated) {
bad_negation(fullname, TRUE);
@@ -3549,7 +3556,8 @@ boolean tinitial, tfrom_file;
if (duplicate)
complain_about_duplicate(opts, 1);
op = string_for_opt(opts, negated);
if ((negated && op == empty_optstr) || (!negated && op != empty_optstr)) {
if ((negated && op == empty_optstr)
|| (!negated && op != empty_optstr)) {
iflags.wc_vary_msgcount = negated ? 0 : atoi(op);
} else if (negated) {
bad_negation(fullname, TRUE);
@@ -3650,7 +3658,7 @@ boolean tinitial, tfrom_file;
bad_negation(fullname, FALSE);
retval = FALSE;
/* this just checks atol() sanity, not logical window size sanity */
/* just checks atol() sanity, not logical window size sanity */
} else if (ltmp <= 0L || ltmp >= (long) LARGEST_INT) {
config_error_add("Invalid %s: %ld", fullname, ltmp);
retval = FALSE;
@@ -6132,9 +6140,9 @@ char *buf;
int
sym_val(strval)
const char *strval;
const char *strval; /* up to 4*BUFSZ-1 long; only first few chars matter */
{
char buf[QBUFSZ];
char buf[QBUFSZ], tmp[QBUFSZ]; /* to hold trucated copy of 'strval' */
buf[0] = '\0';
if (!strval[0] || !strval[1]) { /* empty, or single character */
@@ -6155,7 +6163,7 @@ const char *strval;
/* not simple quote or basic backslash;
strip closing quote and let escapes() deal with it */
} else {
char *p, tmp[QBUFSZ];
char *p;
(void) strncpy(tmp, strval + 1, sizeof tmp - 1);
tmp[sizeof tmp - 1] = '\0';
@@ -6164,8 +6172,11 @@ const char *strval;
escapes(tmp, buf);
} /* else buf[0] stays '\0' */
}
} else /* not lone char nor single quote */
escapes(strval, buf);
} else { /* not lone char nor single quote */
(void) strncpy(tmp, strval + 1, sizeof tmp - 1);
tmp[sizeof tmp - 1] = '\0';
escapes(tmp, buf);
}
return (int) *buf;
}

View File

@@ -6,6 +6,10 @@
#define NEED_VARARGS /* Uses ... */ /* comment line for pre-compiled headers */
#include "hack.h"
#define BIGBUFSZ (5 * BUFSZ) /* big enough to format a 4*BUFSZ string (from
* config file parsing) with modest decoration;
* result will then be truncated to BUFSZ-1 */
static void FDECL(putmesg, (const char *));
static char *FDECL(You_buf, (int));
#if defined(MSGHANDLER) && (defined(POSIX_TYPES) || defined(__GNUC__))
@@ -114,7 +118,7 @@ VA_DECL(const char *, line)
#endif /* USE_STDARG | USE_VARARG */
{ /* start of vpline() or of nested block in USE_OLDARG's pline() */
static int in_pline = 0;
char pbuf[3 * BUFSZ];
char pbuf[BIGBUFSZ]; /* will get chopped down to BUFSZ-1 if longer */
int ln;
int msgtyp;
boolean no_repeat;
@@ -435,15 +439,14 @@ void raw_printf
VA_DECL(const char *, line)
#endif
{
char pbuf[3 * BUFSZ];
int ln;
char pbuf[BIGBUFSZ]; /* will be chopped down to BUFSZ-1 if longer */
/* Do NOT use VA_START and VA_END in here... see above */
if (index(line, '%')) {
Vsprintf(pbuf, line, VA_ARGS);
line = pbuf;
}
if ((ln = (int) strlen(line)) > BUFSZ - 1) {
if ((int) strlen(line) > BUFSZ - 1) {
if (line != pbuf)
line = strncpy(pbuf, line, BUFSZ - 1);
/* unlike pline, we don't futz around to keep last few chars */
@@ -462,7 +465,7 @@ VA_DECL(const char *, line)
void impossible
VA_DECL(const char *, s)
{
char pbuf[2 * BUFSZ];
char pbuf[BIGBUFSZ]; /* will be chopped down to BUFSZ-1 if longer */
VA_START(s);
VA_INIT(s, const char *);
@@ -567,7 +570,7 @@ config_error_add
VA_DECL(const char *, str)
#endif /* ?(USE_STDARG || USE_VARARG) */
{ /* start of vconf...() or of nested block in USE_OLDARG's conf...() */
char buf[2 * BUFSZ];
char buf[BIGBUFSZ]; /* will be chopped down to BUFSZ-1 if longer */
Vsprintf(buf, str, VA_ARGS);
buf[BUFSZ - 1] = '\0';