From 40789b7070128d2f31536c0be422bd3032a5fffc Mon Sep 17 00:00:00 2001 From: PatR Date: Fri, 13 Dec 2019 13:36:38 -0800 Subject: [PATCH 1/7] fix potential buffer overflow loading config file --- doc/fixes36.4 | 1 + src/files.c | 35 +++++++++++++++++++++++------------ 2 files changed, 24 insertions(+), 12 deletions(-) diff --git a/doc/fixes36.4 b/doc/fixes36.4 index 5865224cc..aada6c85f 100644 --- a/doc/fixes36.4 +++ b/doc/fixes36.4 @@ -11,6 +11,7 @@ GDBPATH and GREPPATH from sysconf or -D... on compilation command line were at end of game when that was enabled fix the article used in the message when your steed encounters a polymorph trap dozen-ish assorted spelling/typo fixes in messages and source comments +fix potential buffer overflow when parsing run-time configuration file Fixes to Post-3.6.3 Problems that Were Exposed Via git Repository diff --git a/src/files.c b/src/files.c index 5f24956b8..e598ced9a 100644 --- a/src/files.c +++ b/src/files.c @@ -2309,10 +2309,14 @@ char *origbuf; int len; boolean retval = TRUE; + while (*origbuf == ' ' || *origbuf == '\t') /* skip leading whitespace */ + ++origbuf; /* (caller probably already did this) */ + (void) strncpy(buf, origbuf, sizeof buf - 1); + buf[sizeof buf - 1] = '\0'; /* strncpy not guaranteed to NUL terminate */ /* convert any tab to space, condense consecutive spaces into one, remove leading and trailing spaces (exception: if there is nothing but spaces, one of them will be kept even though it leads/trails) */ - mungspaces(strcpy(buf, origbuf)); + mungspaces(buf); /* find the '=' or ':' */ bufp = find_optparam(buf); @@ -3028,7 +3032,11 @@ boolean proc_wizkit_line(buf) char *buf; { - struct obj *otmp = readobjnam(buf, (struct obj *) 0); + struct obj *otmp; + + if (strlen(buf) >= BUFSZ) + buf[BUFSZ - 1] = '\0'; + otmp = readobjnam(buf, (struct obj *) 0); if (otmp) { if (otmp != &zeroobj) @@ -3136,22 +3144,23 @@ boolean FDECL((*proc), (char *)); /* merge now read line with previous ones, if necessary */ if (!ignoreline) { - len = (int) strlen(inbuf) + 1; + len = (int) strlen(ep) + 1; /* +1: final '\0' */ if (buf) - len += (int) strlen(buf); + len += (int) strlen(buf) + 1; /* +1: space */ tmpbuf = (char *) alloc(len); + *tmpbuf = '\0'; if (buf) { - Sprintf(tmpbuf, "%s %s", buf, inbuf); + Strcat(strcpy(tmpbuf, buf), " "); free(buf); - } else - Strcpy(tmpbuf, inbuf); - buf = tmpbuf; + } + buf = strcat(tmpbuf, ep); + buf[sizeof inbuf - 1] = '\0'; } if (morelines || (ignoreline && !oldline)) continue; - if (handle_config_section(ep)) { + if (handle_config_section(buf)) { free(buf); buf = (char *) 0; continue; @@ -3173,11 +3182,11 @@ boolean FDECL((*proc), (char *)); } bufp++; if (config_section_chosen) - free(config_section_chosen); + free(config_section_chosen), config_section_chosen = 0; section = choose_random_part(bufp, ','); - if (section) + if (section) { config_section_chosen = dupstr(section); - else { + } else { config_error_add("No config section to choose"); rv = FALSE; } @@ -3294,6 +3303,8 @@ int which_set; struct symparse *symp; char *bufp, *commentp, *altp; + if (strlen(buf) >= BUFSZ) + buf[BUFSZ - 1] = '\0'; /* convert each instance of whitespace (tabs, consecutive spaces) into a single space; leading and trailing spaces are stripped */ mungspaces(buf); From 6a3b9c2f526f1db77e8ca430e159fb1ec9e50661 Mon Sep 17 00:00:00 2001 From: nhmall Date: Fri, 13 Dec 2019 18:37:36 -0500 Subject: [PATCH 2/7] housekeeping updates for 3.6.4 --- README | 80 +++++++++---------------- dat/history | 3 + doc/Guidebook.mn | 7 ++- doc/Guidebook.tex | 7 ++- include/global.h | 2 +- include/patchlevel.h | 11 +++- src/windows.c | 2 +- sys/amiga/.gitattributes | 2 +- sys/atari/.gitattributes | 2 +- sys/be/.gitattributes | 2 +- sys/msdos/.gitattributes | 2 +- sys/os2/.gitattributes | 2 +- sys/share/.gitattributes | 10 ++-- sys/unix/README.linux | 4 +- sys/unix/sysconf | 2 +- sys/vms/Install.vms | 6 +- sys/vms/Makefile.src | 2 +- sys/vms/vmsbuild.com | 2 +- sys/wince/.gitattributes | 2 +- sys/wince/ceinc/.gitattributes | 2 +- sys/wince/winhack.rc | 10 ++-- sys/wince/winhcksp.rc | 10 ++-- sys/winnt/Install.nt | 4 +- sys/winnt/Makefile.gcc | 2 +- sys/winnt/Makefile.msc | 2 +- sys/winnt/nethack.def | 2 +- sys/winnt/sysconf.template | 7 ++- util/makedefs.c | 2 +- win/gem/.gitattributes | 2 +- win/gnome/.gitattributes | 2 +- win/macosx/NetHackGuidebook.applescript | 2 +- win/win32/NetHackW.rc | 8 +-- win/win32/mswproc.c | 2 +- win/win32/nethack.rc | 8 +-- 34 files changed, 107 insertions(+), 108 deletions(-) diff --git a/README b/README index 5cbcb70c4..f21b2f5b8 100644 --- a/README +++ b/README @@ -1,52 +1,26 @@ - NetHack 3.6.3 -- General information December 5, 2019 + NetHack 3.6.4 -- General information December 5, 2019 NetHack 3.6 is an enhancement to the dungeon exploration game NetHack, which is a distant descendent of Rogue and Hack, and a direct descendent of NetHack 3.4 as there was no NetHack 3.5 release. -NetHack 3.6.3 is the official release of NetHack that follows NetHack 3.6.2. -It contains a collection of over 190 bug fixes to NetHack 3.6.2 and over 22 -game enhancements and community contributions. The file doc/fixes36.3 in the -source distribution has a full list of them. The text in there was written for -the development team's own use and is provided "as is", so please do not ask -us to further explain the entries in that file. Some entries might be -considered "spoilers", particularly in the "new features" section. +NetHack 3.6.4 is the official release of NetHack that follows NetHack 3.6.3 +and contains all bug fixes since then, including one security-releated fix. +The file doc/fixes36.4 in the source distribution has a full list of them. The +text in there was written for the development team's own use and is provided +"as is", so please do not ask us to further explain the entries in that file. +Some entries might be considered "spoilers", particularly in the "new features" +section. Below you will find some other general notes that were not considered spoilers: - * Fixed stale 'thrownobj' pointer for returning thrown aklys while engulfed - * Fixed uarmh null pointer dereference if a helm of opposite alignment came - * off due to being polymorphed - * Fixed 'object lost' panic when attempting to crawl of of the water during - * emergency disrobing/dropping - * Running now stops when moving over engravings so you can tell where they - * are - * Fixed detection of unseen/secret doors which failed to find monsters hiding - * under objects and failed to find monsters hiding at trap locations - * Ensured fatal status conditions made it to disclosure and/or dumplog - * Fixed "Bad fruit #N" warnings when saving bones with 'perm_invent' On - * Fixed it so yellow dragons don't have green breath - * Added several grammar corrections - * Improved recognition of deafness for several situations including the - * playing of musical instruments and bribing negotiations with demon lords - * Fixed ignoring of god's wrath when hero injured himself during altar kick - * Fixed several cases where persistent inventory window was not updated - * Fixed temple priests or shopkeepers moving over other monsters - * Fixed a crash-causing bug when putting on levitation boots over a sink - * Ensured that thrown or kicked objects will end up in bones - * Made water go all the way to the edges of level on the Plane of Water - * Made clouds disrupt line of sight along the edges of the Plane of Air - * Improved and expanded usage of status highlighting percentage rules - * Added more than 15 improvements and fixes to the curses window port - * Added and documented significant changes to default directory choices for - * the Windows platform - * Improved the layout and display of the player selection dialog used on the - * Windows graphical implementation - * Improved performance of some tty versions by reducing the number of - * function calls made from mapglyph - * Allowed the msdos implementation to build with curses and PDCurses - * Over 100 other fixes and improvements + * GDBPATH and GREPPATH from sysconf or -D... on compilation command line were + * being processed even if PANICTRACE was disabled but only being freed + * at end of game when that was enabled + * fix the article used in the message when your steed encounters a polymorph trap + * dozen-ish assorted spelling/typo fixes in messages and source comments + * fix potential buffer overflow when parsing run-time configuration file - - - - - - - - - - - @@ -57,13 +31,13 @@ Please read items (1), (2) and (3) BEFORE doing anything with your new code. call it. 2. Having unpacked, you should have a file called 'Files' in your Top - directory. + directory. This file contains the list of all the files you now SHOULD have in each directory. Please check the files in each directory against this list to make sure that you have a complete set. - This file also contains a list of what files are created during + This file also contains a list of what files are created during the build process. The names of the directories listed should not be changed unless you @@ -88,7 +62,7 @@ Please read items (1), (2) and (3) BEFORE doing anything with your new code. At the time of this release, NetHack 3.6 has been tested to run/compile on: - Intel Pentium or better (or clone) running Linux, BSDI, or + Intel Pentium or better (or clone) running Linux, BSDI, or Windows (7 through 10) Intel 80386 or greater (or clone) boxes running Linux, or BSDI Mac OS X 10.11 (follow the instructions in sys/unix, not sys/mac) @@ -97,8 +71,8 @@ Please read items (1), (2) and (3) BEFORE doing anything with your new code. Instructions have been provided by way of community contribution on: msdos protected mode using djgpp - Previous versions of NetHack were tested and known to run on the - following systems, but it is unknown if they can still build and + Previous versions of NetHack were tested and known to run on the + following systems, but it is unknown if they can still build and execute NetHack 3.6: Apple Macintosh running MacOS 7.5 or higher, LinuxPPC, BeOS 4.0 @@ -151,7 +125,7 @@ Please read items (1), (2) and (3) BEFORE doing anything with your new code. - - - - - - - - - - - -If you have problems building the game, or you find bugs in it, we recommend +If you have problems building the game, or you find bugs in it, we recommend filing a bug report from our "Contact Us" web page at: https://www.nethack.org/common/contact.html Please include the version information from #version or the command line @@ -165,12 +139,12 @@ available can be obtained via git here: When sending correspondence, please observe the following: o Please be sure to include your machine type, OS, and patchlevel. -o Please avoid sending us binary files (e.g. save files or bones files). +o Please avoid sending us binary files (e.g. save files or bones files). If you have found a bug and think that your save file would aid in solving - the problem, send us a description in words of the problem, your machine - type, your operating system, and the version of NetHack. Tell us that you + the problem, send us a description in words of the problem, your machine + type, your operating system, and the version of NetHack. Tell us that you have a save file, but do not actually send it. - You may then be contacted by a member of the development team with the + You may then be contacted by a member of the development team with the address of a specific person to send the save file to. o Though we make an effort to reply to each bug report, it may take some time before you receive feedback. This is especially true during the @@ -179,16 +153,16 @@ o We don't give hints for playing the game. o Don't bother to ask when the next version will be out or you can expect to receive a stock answer. -If you want to submit a patch for the NetHack source code via email directly, +If you want to submit a patch for the NetHack source code via email directly, you can direct it to this address: nethack-bugs (at) nethack.org -If a feature is not accepted you are free, of course, to post the patches +If a feature is not accepted you are free, of course, to post the patches to the net yourself and let the marketplace decide their worth. All of this amounts to the following: If you decide to apply a free-lanced patch to your 3.6 code, you are welcome to do so, of course, but we won't -be able to provide support or receive bug reports for it. +be able to provide support or receive bug reports for it. In our own patches, we will assume that your code is synchronized with ours. diff --git a/dat/history b/dat/history index 50cb7ca1a..7dcaaca18 100644 --- a/dat/history +++ b/dat/history @@ -223,6 +223,9 @@ for decades, joined the NetHack Development Team in late May 2019. NetHack 3.6.3 was released on December 5, 2019 containing over 190 bug fixes to NetHack 3.6.2. +NetHack 3.6.4 was released on December 17, 2019 containing a security +fix and a few bug fixes. + The official NetHack web site is maintained by Ken Lorber at http://www.nethack.org/. diff --git a/doc/Guidebook.mn b/doc/Guidebook.mn index 4c4cd5f11..d4556d582 100644 --- a/doc/Guidebook.mn +++ b/doc/Guidebook.mn @@ -24,7 +24,7 @@ .ds vr "NetHack 3.6 .ds f0 "\*(vr .ds f1 -.ds f2 "December 5, 2019 +.ds f2 "December 17, 2019 . .\" A note on some special characters: .\" \(lq = left double quote @@ -45,6 +45,8 @@ A Guide to the Mazes of Menace .au Original version - Eric S. Raymond (Edited and expanded for 3.6 by Mike Stephenson and others) +.sp 1 +\*(f2 .hn 1 Introduction .pg @@ -5149,6 +5151,9 @@ participant for decades, joined the NetHack Development Team in late May 2019. NetHack 3.6.3 was released on December 5, 2019 containing over 190 bug fixes to NetHack 3.6.2. .pg +NetHack 3.6.4 was released on December 17, 2019 containing a security fix +and a few bug fixes. +.pg The official NetHack web site is maintained by \fBKen Lorber\fP at .UR https://www.nethack.org/ . diff --git a/doc/Guidebook.tex b/doc/Guidebook.tex index 049aa8598..36d459db0 100644 --- a/doc/Guidebook.tex +++ b/doc/Guidebook.tex @@ -45,7 +45,7 @@ %.au \author{Original version - Eric S. Raymond\\ (Edited and expanded for 3.6 by Mike Stephenson and others)} -\date{December 5, 2019} +\date{December 17, 2019} \maketitle @@ -5753,6 +5753,11 @@ for decades, joined the {\it NetHack Development Team} in late May 2019. NetHack 3.6.3 was released on December 5, 2019 containing over 190 bug fixes to NetHack 3.6.2. +%.pg +\medskip +NetHack 3.6.4 was released on December 17, 2019 containing a security fix and +a few bug fixes. + %.pg \medskip \nd The official {\it NetHack\/} web site is maintained by {\it Ken Lorber} at diff --git a/include/global.h b/include/global.h index 5c02491c3..a2b70d258 100644 --- a/include/global.h +++ b/include/global.h @@ -19,7 +19,7 @@ /* * Development status of this NetHack version. */ -#define NH_DEVEL_STATUS NH_STATUS_POSTRELEASE +#define NH_DEVEL_STATUS NH_STATUS_RELEASED #ifndef DEBUG /* allow tool chains to define without causing warnings */ #define DEBUG diff --git a/include/patchlevel.h b/include/patchlevel.h index c945e68b5..01e1c3438 100644 --- a/include/patchlevel.h +++ b/include/patchlevel.h @@ -9,7 +9,7 @@ /* * PATCHLEVEL is updated for each release. */ -#define PATCHLEVEL 3 +#define PATCHLEVEL 4 /* * Incrementing EDITLEVEL can be used to force invalidation of old bones * and save files. @@ -36,6 +36,15 @@ /****************************************************************************/ /* Version 3.6.x */ +/* Patch 4, December 17, 2019 + * GDBPATH and GREPPATH from sysconf or -D... on compilation command line were + * being processed even if PANICTRACE was disabled but only being freed + * at end of game when that was enabled + * fix the article used in the message when your steed encounters a polymorph trap + * dozen-ish assorted spelling/typo fixes in messages and source comments + * fix potential buffer overflow when parsing run-time configuration file + */ + /* Patch 3, December 5, 2019 * * Fixed stale 'thrownobj' pointer for returning thrown aklys while engulfed diff --git a/src/windows.c b/src/windows.c index 0f0ccb4ed..974479187 100644 --- a/src/windows.c +++ b/src/windows.c @@ -1157,7 +1157,7 @@ boolean fullsubs; /* True -> full substitution for file name, False -> else Strcpy(tmpbuf, "{current date+time}"); break; - case 'v': /* version, eg. "3.6.3-0" */ + case 'v': /* version, eg. "3.6.4-0" */ Sprintf(tmpbuf, "%s", version_string(verbuf)); break; case 'u': /* UID */ diff --git a/sys/amiga/.gitattributes b/sys/amiga/.gitattributes index 5df6a5f30..f969b5ebc 100644 --- a/sys/amiga/.gitattributes +++ b/sys/amiga/.gitattributes @@ -1,2 +1,2 @@ *.p NHSUBST -* NH_filestag=(file%s_for_Amiga_versions_-_untested_for_3.6.3) +* NH_filestag=(file%s_for_Amiga_versions_-_untested_for_3.6.4) diff --git a/sys/atari/.gitattributes b/sys/atari/.gitattributes index 66c510f6c..ff75d0637 100644 --- a/sys/atari/.gitattributes +++ b/sys/atari/.gitattributes @@ -1 +1 @@ -* NH_filestag=(file%s_for_Atari_version_-_untested_for_3.6.3) +* NH_filestag=(file%s_for_Atari_version_-_untested_for_3.6.4) diff --git a/sys/be/.gitattributes b/sys/be/.gitattributes index 9d9a35874..76b400189 100644 --- a/sys/be/.gitattributes +++ b/sys/be/.gitattributes @@ -1 +1 @@ -* NH_filestag=(file%s_for_BeOS_version_-_untested_for_3.6.3) +* NH_filestag=(file%s_for_BeOS_version_-_untested_for_3.6.4) diff --git a/sys/msdos/.gitattributes b/sys/msdos/.gitattributes index 77cd3847b..a0b35794c 100644 --- a/sys/msdos/.gitattributes +++ b/sys/msdos/.gitattributes @@ -4,6 +4,6 @@ Makefile.* NHSUBST Install.* NHSUBST moveinit.pat NH_header=no vesa.h NH_header=no -* NH_filestag=(file%s_for_MSDOS_version_-_tested_for_3.6.3_via_cross-compile_only) +* NH_filestag=(file%s_for_MSDOS_version_-_tested_for_3.6.4_via_partial_cross-compile_only) nhico.uu NH_filestag=(file%s_for_running_MSDOS_binary_under_Windows) nhpif.uu NH_filestag=>nhico.uu diff --git a/sys/os2/.gitattributes b/sys/os2/.gitattributes index 0537d04f5..d3d1c307d 100644 --- a/sys/os2/.gitattributes +++ b/sys/os2/.gitattributes @@ -1,2 +1,2 @@ Makefile.* NHSUBST -* NH_filestag=(file%s_for_OS/2_version_-_untested_for_3.6.3) +* NH_filestag=(file%s_for_OS/2_version_-_untested_for_3.6.4) diff --git a/sys/share/.gitattributes b/sys/share/.gitattributes index a34fbc350..271c3c59f 100644 --- a/sys/share/.gitattributes +++ b/sys/share/.gitattributes @@ -5,16 +5,16 @@ dgn_comp.h NH_header=no lev_comp.h NH_header=no Makefile.lib NH_header=no -Makefile.lib NH_filestag=(file%s_for_MSDOS_and_OS/2_versions_-_untested_for_3.6.3) -#termcap.uu NH_filestag=(file%s_for_MSDOS_and_OS/2_versions_-_untested_for_3.6.3) +Makefile.lib NH_filestag=(file%s_for_MSDOS_and_OS/2_versions_-_untested_for_3.6.4) +#termcap.uu NH_filestag=(file%s_for_MSDOS_and_OS/2_versions_-_untested_for_3.6.4) termcap.uu NH_filestag=>Makefile.lib -pcmain.c NH_filestag=(file_for_MSDOS,_OS/2,_Amiga,_and_Atari_versions_-_untested_for_3.6.3) +pcmain.c NH_filestag=(file_for_MSDOS,_OS/2,_Amiga,_and_Atari_versions_-_untested_for_3.6.4) -pcsys.c NH_filestag=(file%s_for_MSDOS,_OS/2_and_Atari_versions_-_tested_on_MSDOS_for_3.6.3_via_cross-compile_only) +pcsys.c NH_filestag=(file%s_for_MSDOS,_OS/2_and_Atari_versions_-_tested_on_MSDOS_for_3.6.4_via_partial_cross-compile_only) pcunix.c NH_filestag=>pcsys.c -NetHack.cnf NH_filestag=(file_for_MSDOS,_OS/2,_and_Atari_versions_-_untested_for_3.6.3) +NetHack.cnf NH_filestag=(file_for_MSDOS,_OS/2,_and_Atari_versions_-_untested_for_3.6.4) pctty.c NH_filestag=>NetHack.cnf ioctl.c NH_filestag=(file%s_for_UNIX_and_Be_versions) diff --git a/sys/unix/README.linux b/sys/unix/README.linux index b98d4cc7c..e96be77cd 100644 --- a/sys/unix/README.linux +++ b/sys/unix/README.linux @@ -26,8 +26,8 @@ home directory you might perform these steps. If you have old record and logfile entries from a previous NetHack version, you might want to save copies before they get overwritten by the new empty -files; old saved games and bones files from 3.6.0 through to 3.6.2 should -work with 3.6.3 but even older saved games and bones files from 3.4.3 will +files; old saved games and bones files from 3.6.0 through to 3.6.3 should +work with 3.6.4 but even older saved games and bones files from 3.4.3 will not. If you are installing from the RPM, there is no need to save the old record and logfile; they are automatically preserved. diff --git a/sys/unix/sysconf b/sys/unix/sysconf index 7a5c8a1c4..b8bfbcb9a 100644 --- a/sys/unix/sysconf +++ b/sys/unix/sysconf @@ -95,7 +95,7 @@ MAXPLAYERS=10 # Only available if NetHack was compiled with DUMPLOG # Allows following placeholders: # %% literal '%' -# %v version (eg. "3.6.3-0") +# %v version (eg. "3.6.4-0") # %u game UID # %t game start time, UNIX timestamp format # %T current time, UNIX timestamp format diff --git a/sys/vms/Install.vms b/sys/vms/Install.vms index 8c4bb2ee2..37418f261 100644 --- a/sys/vms/Install.vms +++ b/sys/vms/Install.vms @@ -1,4 +1,4 @@ - Instructions for Building and Installing NetHack 3.6.3 + Instructions for Building and Installing NetHack 3.6.4 on a VMS (aka OpenVMS) system ========================================= @@ -146,8 +146,8 @@ Notes: 0. Version 3.5.x was never publicly released. 1. Save files and bones files from 3.4.x and earlier versions - will not work with 3.6.3, but save files and bones file from 3.6.0, - through 3.6.2 should work. The scoreboard file (RECORD) from 3.6.x + will not work with 3.6.4, but save files and bones file from 3.6.0, + through 3.6.4 should work. The scoreboard file (RECORD) from 3.6.x or 3.4.x or 3.3.x will work. 2. To specify user-preference options in your environment, define the diff --git a/sys/vms/Makefile.src b/sys/vms/Makefile.src index 194a27fc8..566f129d4 100644 --- a/sys/vms/Makefile.src +++ b/sys/vms/Makefile.src @@ -133,7 +133,7 @@ RANDOBJ = isaac64.obj,random.obj # Other things that have to be reconfigured are in vmsconf.h, # and config.h -VERSION = 3.6.3 +VERSION = 3.6.4 MAKEDEFS = $(UTL)makedefs.exe; diff --git a/sys/vms/vmsbuild.com b/sys/vms/vmsbuild.com index 6a9e50f36..50dd41fc2 100755 --- a/sys/vms/vmsbuild.com +++ b/sys/vms/vmsbuild.com @@ -1,5 +1,5 @@ $ ! vms/vmsbuild.com -- compile and link NetHack 3.6.* [pr] -$ version_number = "3.6.3" +$ version_number = "3.6.4" $ ! $NHDT-Date: 1557701518 2019/05/12 22:51:58 $ $NHDT-Branch: NetHack-3.6 $:$NHDT-Revision: 1.23 $ $ ! Copyright (c) 2018 by Robert Patrick Rankin $ ! NetHack may be freely redistributed. See license for details. diff --git a/sys/wince/.gitattributes b/sys/wince/.gitattributes index 8e28791ce..70924b994 100644 --- a/sys/wince/.gitattributes +++ b/sys/wince/.gitattributes @@ -1,4 +1,4 @@ *.ce NHSUBST *.mak NHSUBST *.bat NHSUBST -* NH_filestag=(file%s_for_Windows_CE_and_PocketPC_-_untested_for_3.6.3) +* NH_filestag=(file%s_for_Windows_CE_and_PocketPC_-_untested_for_3.6.4) diff --git a/sys/wince/ceinc/.gitattributes b/sys/wince/ceinc/.gitattributes index 8e72b80f0..e95fe9840 100644 --- a/sys/wince/ceinc/.gitattributes +++ b/sys/wince/ceinc/.gitattributes @@ -1 +1 @@ -* NH_filestag=(header_file%s_for_Windows_CE_and_PocketPC_-_untested_for_3.6.3) +* NH_filestag=(header_file%s_for_Windows_CE_and_PocketPC_-_untested_for_3.6.4) diff --git a/sys/wince/winhack.rc b/sys/wince/winhack.rc index c85fdec67..b928c3b04 100644 --- a/sys/wince/winhack.rc +++ b/sys/wince/winhack.rc @@ -284,8 +284,8 @@ END // VS_VERSION_INFO VERSIONINFO - FILEVERSION 3,6,3,0 - PRODUCTVERSION 3,6,3,0 + FILEVERSION 3,6,4,0 + PRODUCTVERSION 3,6,4,0 FILEFLAGSMASK 0x3fL #ifdef _DEBUG FILEFLAGS 0x9L @@ -300,17 +300,17 @@ BEGIN BEGIN BLOCK "040904b0" BEGIN - VALUE "Comments", "NetHack 3.6.3 for Windows CE\0" + VALUE "Comments", "NetHack 3.6.4 for Windows CE\0" VALUE "CompanyName", " \0" VALUE "FileDescription", "nethackm\0" - VALUE "FileVersion", "3, 6, 3, 0\0" + VALUE "FileVersion", "3, 6, 4, 0\0" VALUE "InternalName", "nethackm\0" VALUE "LegalCopyright", "Copyright © 1985-2019\0" VALUE "LegalTrademarks", "\0" VALUE "OriginalFilename", "nethackm.exe\0" VALUE "PrivateBuild", "090914\0" VALUE "ProductName", "NetHack\0" - VALUE "ProductVersion", "3, 6, 3, 0\0" + VALUE "ProductVersion", "3, 6, 4, 0\0" VALUE "SpecialBuild", "\0" END END diff --git a/sys/wince/winhcksp.rc b/sys/wince/winhcksp.rc index 04f7aec40..3e5373a2f 100644 --- a/sys/wince/winhcksp.rc +++ b/sys/wince/winhcksp.rc @@ -260,8 +260,8 @@ END // VS_VERSION_INFO VERSIONINFO - FILEVERSION 3,6,3,0 - PRODUCTVERSION 3,6,3,0 + FILEVERSION 3,6,4,0 + PRODUCTVERSION 3,6,4,0 FILEFLAGSMASK 0x3fL #ifdef _DEBUG FILEFLAGS 0x9L @@ -276,17 +276,17 @@ BEGIN BEGIN BLOCK "040904b0" BEGIN - VALUE "Comments", "NetHack 3.6.3 for Smartphone 2002\0" + VALUE "Comments", "NetHack 3.6.4 for Smartphone 2002\0" VALUE "CompanyName", " \0" VALUE "FileDescription", "nethackm\0" - VALUE "FileVersion", "3, 6, 3, 0\0" + VALUE "FileVersion", "3, 6, 4, 0\0" VALUE "InternalName", "nethackm\0" VALUE "LegalCopyright", "Copyright © 1985-2019\0" VALUE "LegalTrademarks", "\0" VALUE "OriginalFilename", "nethackm.exe\0" VALUE "PrivateBuild", "090914\0" VALUE "ProductName", "NetHack For Smartphone\0" - VALUE "ProductVersion", "3, 6, 3, 0\0" + VALUE "ProductVersion", "3, 6, 4, 0\0" VALUE "SpecialBuild", "\0" END END diff --git a/sys/winnt/Install.nt b/sys/winnt/Install.nt index 5b87226c1..7ef199034 100644 --- a/sys/winnt/Install.nt +++ b/sys/winnt/Install.nt @@ -16,7 +16,7 @@ contributed the port. Alex Kompel, Dion Nicolaas, Yitzhak Sapir, Derek S. Ray, Michael Allison, Pasi Kallinen, Bart House, and Janet Walz contributed to the maintainance -of the tty and graphical windows versions of NetHack 3.6.3. +of the tty and graphical windows versions of NetHack 3.6.4. You can build a TTY version of NetHack and a Windows Graphical version. You can use one of the following build environments: @@ -151,7 +151,7 @@ a 32-bit x86 version, or a 64-bit x64 version. The default Makefile is set up for a 32-bit x86 version, but that's only because it will run on the most number of existing Windows environments. -NetHack's save files and bones files in the 3.6.3 release have not yet +NetHack's save files and bones files in the 3.6.4 release have not yet evolved enough to allow them to interchange between the 32-bit version and the 64-bit version (or between different platforms). Hopefully that will change in an upcoming release. diff --git a/sys/winnt/Makefile.gcc b/sys/winnt/Makefile.gcc index d19532369..a1eead86f 100644 --- a/sys/winnt/Makefile.gcc +++ b/sys/winnt/Makefile.gcc @@ -139,7 +139,7 @@ SKIP_NETHACKW=Y #============================================================================== # The version of the game this Makefile was designed for -NETHACK_VERSION="3.6.3" +NETHACK_VERSION="3.6.4" # A brief version for use in macros NHV1=$(subst .,,$(NETHACK_VERSION)) diff --git a/sys/winnt/Makefile.msc b/sys/winnt/Makefile.msc index 550c71fc0..2ecca426b 100644 --- a/sys/winnt/Makefile.msc +++ b/sys/winnt/Makefile.msc @@ -93,7 +93,7 @@ DEBUGINFO = Y #============================================================================== # # The version of the game this Makefile was designed for -NETHACK_VERSION="3.6.3" +NETHACK_VERSION="3.6.4" # A brief version for use in macros NHV=$(NETHACK_VERSION:.=) diff --git a/sys/winnt/nethack.def b/sys/winnt/nethack.def index bc08347a1..67f372a46 100644 --- a/sys/winnt/nethack.def +++ b/sys/winnt/nethack.def @@ -1,5 +1,5 @@ NAME NETHACK -DESCRIPTION 'NetHack 3.6.3 for Windows' +DESCRIPTION 'NetHack 3.6.4 for Windows' EXETYPE WINDOWS STUB 'WINSTUB.EXE' CODE PRELOAD MOVEABLE DISCARDABLE diff --git a/sys/winnt/sysconf.template b/sys/winnt/sysconf.template index fccec7fe6..e8b70015f 100644 --- a/sys/winnt/sysconf.template +++ b/sys/winnt/sysconf.template @@ -24,7 +24,7 @@ WIZARDS=* # Only available if NetHack was compiled with DUMPLOG # Allows following placeholders: # %% literal '%' -# %v version (eg. "3.6.3-0") +# %v version (eg. "3.6.4-0") # %u game UID # %t game start time, UNIX timestamp format # %T current time, UNIX timestamp format @@ -77,6 +77,9 @@ WIZARDS=* # IMPORTANT: If you change any of these locations, the directories they # point at must exist. NetHack will not create them for you. # +# Before adjusting, you can verify the default locations for files with: +# nethack --showpaths +# # The location that users can adjust their config file startup options #CONFIGDIR=%USERPROFILE%\NetHack # @@ -88,7 +91,7 @@ WIZARDS=* #HACKDIR=%USERPROFILE%\NetHack\3.6 # # The location that level files in progress are stored (writeable) -LEVELDIR=%USERPROFILE%\AppData\Local\NetHack\3.6 +#LEVELDIR=%USERPROFILE%\AppData\Local\NetHack\3.6 # # The location where saved games are kept (writeable) #SAVEDIR=%USERPROFILE%\AppData\Local\NetHack\3.6 diff --git a/util/makedefs.c b/util/makedefs.c index 6b0ef9cc6..ff8ac2f52 100644 --- a/util/makedefs.c +++ b/util/makedefs.c @@ -53,7 +53,7 @@ #endif #if defined(UNIX) && !defined(LINT) && !defined(GCC_WARN) -static const char SCCS_Id[] UNUSED = "@(#)makedefs.c\t3.6\t2019/12/05"; +static const char SCCS_Id[] UNUSED = "@(#)makedefs.c\t3.6\t2019/12/17"; #endif /* names of files to be generated */ diff --git a/win/gem/.gitattributes b/win/gem/.gitattributes index e108c78d7..3c4d1eef1 100644 --- a/win/gem/.gitattributes +++ b/win/gem/.gitattributes @@ -1 +1 @@ -* NH_filestag=(file%s_for_GEM_versions_-_untested_for_3.6.3) +* NH_filestag=(file%s_for_GEM_versions_-_untested_for_3.6.4) diff --git a/win/gnome/.gitattributes b/win/gnome/.gitattributes index 013227bc8..6f8e9f364 100644 --- a/win/gnome/.gitattributes +++ b/win/gnome/.gitattributes @@ -1 +1 @@ -* NH_filestag=(file%s_for_GNOME_versions_-_untested_for_3.6.3) +* NH_filestag=(file%s_for_GNOME_versions_-_untested_for_3.6.4) diff --git a/win/macosx/NetHackGuidebook.applescript b/win/macosx/NetHackGuidebook.applescript index dd05a3a8f..977d4d713 100644 --- a/win/macosx/NetHackGuidebook.applescript +++ b/win/macosx/NetHackGuidebook.applescript @@ -1,5 +1,5 @@ #!/usr/bin/osascript -# NetHack 3.6.3 NetHackGuidebook.applescript $NHDT-Date: 1575245175 2019/12/02 00:06:15 $ $NHDT-Branch: NetHack-3.6 $:$NHDT-Revision: 1.10 $ +# NetHack 3.6 NetHackGuidebook.applescript $NHDT-Date: 1575245175 2019/12/02 00:06:15 $ $NHDT-Branch: NetHack-3.6 $:$NHDT-Revision: 1.10 $ # Copyright (c) Kenneth Lorber, Kensington, Maryland, 2011 # NetHack may be freely redistributed. See license for details. diff --git a/win/win32/NetHackW.rc b/win/win32/NetHackW.rc index 59381dd90..a98f6f021 100644 --- a/win/win32/NetHackW.rc +++ b/win/win32/NetHackW.rc @@ -320,8 +320,8 @@ END // VS_VERSION_INFO VERSIONINFO - FILEVERSION 3,6,3,0 - PRODUCTVERSION 3,6,3,0 + FILEVERSION 3,6,4,0 + PRODUCTVERSION 3,6,4,0 FILEFLAGSMASK 0x1fL #ifdef _DEBUG FILEFLAGS 0x9L @@ -337,13 +337,13 @@ BEGIN BLOCK "040904b0" BEGIN VALUE "FileDescription", "NetHack for Windows - Graphical Interface" - VALUE "FileVersion", "3.6.3" + VALUE "FileVersion", "3.6.4" VALUE "InternalName", "NetHackW" VALUE "LegalCopyright", "Copyright (C) 1985 - 2019. By Stichting Mathematisch Centrum and M. Stephenson. See license for details." VALUE "OriginalFilename", "NetHackW.exe" VALUE "PrivateBuild", "140606" VALUE "ProductName", "NetHack" - VALUE "ProductVersion", "3.6.3" + VALUE "ProductVersion", "3.6.4" END END BLOCK "VarFileInfo" diff --git a/win/win32/mswproc.c b/win/win32/mswproc.c index 324418f0c..f117fc3ce 100644 --- a/win/win32/mswproc.c +++ b/win/win32/mswproc.c @@ -2316,7 +2316,7 @@ logDebug(const char *fmt, ...) /* Reading and writing settings from the registry. */ #define CATEGORYKEY "Software" #define COMPANYKEY "NetHack" -#define PRODUCTKEY "NetHack 3.6.3" +#define PRODUCTKEY "NetHack 3.6.4" #define SETTINGSKEY "Settings" #define MAINSHOWSTATEKEY "MainShowState" #define MAINMINXKEY "MainMinX" diff --git a/win/win32/nethack.rc b/win/win32/nethack.rc index c7ee38399..3f30ae2c4 100644 --- a/win/win32/nethack.rc +++ b/win/win32/nethack.rc @@ -60,8 +60,8 @@ IDI_ICON1 ICON "nethack.ico" // VS_VERSION_INFO VERSIONINFO - FILEVERSION 3,6,3,0 - PRODUCTVERSION 3,6,3,0 + FILEVERSION 3,6,4,0 + PRODUCTVERSION 3,6,4,0 FILEFLAGSMASK 0x1fL #ifdef _DEBUG FILEFLAGS 0x9L @@ -77,12 +77,12 @@ BEGIN BLOCK "040904b0" BEGIN VALUE "FileDescription", "NetHack for Windows - TTY Interface" - VALUE "FileVersion", "3.6.3" + VALUE "FileVersion", "3.6.4" VALUE "InternalName", "NetHack" VALUE "LegalCopyright", "Copyright (C) 1985 - 2019. By Stichting Mathematisch Centrum and M. Stephenson. See license for details." VALUE "OriginalFilename", "NetHack.exe" VALUE "ProductName", "NetHack" - VALUE "ProductVersion", "3.6.3" + VALUE "ProductVersion", "3.6.4" END END BLOCK "VarFileInfo" From dacf0252626e7ae46429890dd4018f6a61aaf77a Mon Sep 17 00:00:00 2001 From: nhmall Date: Fri, 13 Dec 2019 18:39:31 -0500 Subject: [PATCH 3/7] typos --- README | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README b/README index f21b2f5b8..d608a997b 100644 --- a/README +++ b/README @@ -1,11 +1,11 @@ - NetHack 3.6.4 -- General information December 5, 2019 + NetHack 3.6.4 -- General information December 17, 2019 NetHack 3.6 is an enhancement to the dungeon exploration game NetHack, which is a distant descendent of Rogue and Hack, and a direct descendent of NetHack 3.4 as there was no NetHack 3.5 release. NetHack 3.6.4 is the official release of NetHack that follows NetHack 3.6.3 -and contains all bug fixes since then, including one security-releated fix. +and contains all bug fixes since then, including one security-related fix. The file doc/fixes36.4 in the source distribution has a full list of them. The text in there was written for the development team's own use and is provided "as is", so please do not ask us to further explain the entries in that file. From 3f457b664b9df0c572b474cac9e5c52bdfde9065 Mon Sep 17 00:00:00 2001 From: PatR Date: Sat, 14 Dec 2019 16:06:07 -0800 Subject: [PATCH 4/7] finalize fixes36.4 --- doc/fixes36.4 | 19 ++++--------------- 1 file changed, 4 insertions(+), 15 deletions(-) diff --git a/doc/fixes36.4 b/doc/fixes36.4 index 8d1b2e240..decfdb976 100644 --- a/doc/fixes36.4 +++ b/doc/fixes36.4 @@ -1,8 +1,8 @@ $NHDT-Branch: NetHack-3.6 $:$NHDT-Revision: 1.4 $ $NHDT-Date: 1576287569 2019/12/14 01:39:29 $ -This fixes36.4 file is here to capture information about updates in the 3.6.x -lineage following the release of 3.6.3 in December 2019. Hypothetical version -3.6.4 may not be released, in which case these fixes will appear in 3.7.0. +fixes36.4 contains a terse summary of changes made to 3.6.3 in order to +produce 3.6.4. + General Fixes and Modified Features ----------------------------------- @@ -18,23 +18,12 @@ dozen-ish assorted spelling/typo fixes in messages and source comments fix potential buffer overflow when parsing run-time configuration file -Fixes to Post-3.6.3 Problems that Were Exposed Via git Repository ------------------------------------------------------------------- - - Platform- and/or Interface-Specific Fixes or Features ----------------------------------------------------- General New Features -------------------- - - -NetHack Community Patches (or Variation) Included -------------------------------------------------- - - -Code Cleanup and Reorganization -------------------------------- +none From 2b0040975ba7de817c46a8a1cc23e61701b3d5d7 Mon Sep 17 00:00:00 2001 From: nhmall Date: Tue, 17 Dec 2019 14:00:28 -0500 Subject: [PATCH 5/7] README update --- README | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/README b/README index d608a997b..b252f7833 100644 --- a/README +++ b/README @@ -5,7 +5,8 @@ which is a distant descendent of Rogue and Hack, and a direct descendent of NetHack 3.4 as there was no NetHack 3.5 release. NetHack 3.6.4 is the official release of NetHack that follows NetHack 3.6.3 -and contains all bug fixes since then, including one security-related fix. +and contains all bug fixes since then, including one security-related +fix for a vulnerability potentially impacting 3.6.0, 3.6.1, 3.6.2, and 3.6.3. The file doc/fixes36.4 in the source distribution has a full list of them. The text in there was written for the development team's own use and is provided "as is", so please do not ask us to further explain the entries in that file. From 74a5339a5ed58f7cb738e0390f57b965380cced6 Mon Sep 17 00:00:00 2001 From: nhmall Date: Fri, 13 Dec 2019 18:37:36 -0500 Subject: [PATCH 6/7] housekeeping updates for 3.6.4 typos README update --- README | 81 +++++++++---------------- dat/history | 3 + doc/Guidebook.mn | 5 +- doc/Guidebook.tex | 7 ++- include/global.h | 2 +- include/patchlevel.h | 11 +++- src/windows.c | 2 +- sys/amiga/.gitattributes | 2 +- sys/atari/.gitattributes | 2 +- sys/be/.gitattributes | 2 +- sys/msdos/.gitattributes | 2 +- sys/os2/.gitattributes | 2 +- sys/share/.gitattributes | 10 +-- sys/unix/README.linux | 4 +- sys/unix/sysconf | 2 +- sys/vms/Install.vms | 6 +- sys/vms/Makefile.src | 2 +- sys/vms/vmsbuild.com | 2 +- sys/wince/.gitattributes | 2 +- sys/wince/ceinc/.gitattributes | 2 +- sys/wince/winhack.rc | 10 +-- sys/wince/winhcksp.rc | 10 +-- sys/winnt/Install.nt | 4 +- sys/winnt/Makefile.gcc | 2 +- sys/winnt/Makefile.msc | 2 +- sys/winnt/nethack.def | 2 +- sys/winnt/sysconf.template | 7 ++- util/makedefs.c | 2 +- win/gem/.gitattributes | 2 +- win/gnome/.gitattributes | 2 +- win/macosx/NetHackGuidebook.applescript | 2 +- win/win32/NetHackW.rc | 8 +-- win/win32/mswproc.c | 2 +- win/win32/nethack.rc | 8 +-- 34 files changed, 106 insertions(+), 108 deletions(-) diff --git a/README b/README index 5cbcb70c4..b252f7833 100644 --- a/README +++ b/README @@ -1,52 +1,27 @@ - NetHack 3.6.3 -- General information December 5, 2019 + NetHack 3.6.4 -- General information December 17, 2019 NetHack 3.6 is an enhancement to the dungeon exploration game NetHack, which is a distant descendent of Rogue and Hack, and a direct descendent of NetHack 3.4 as there was no NetHack 3.5 release. -NetHack 3.6.3 is the official release of NetHack that follows NetHack 3.6.2. -It contains a collection of over 190 bug fixes to NetHack 3.6.2 and over 22 -game enhancements and community contributions. The file doc/fixes36.3 in the -source distribution has a full list of them. The text in there was written for -the development team's own use and is provided "as is", so please do not ask -us to further explain the entries in that file. Some entries might be -considered "spoilers", particularly in the "new features" section. +NetHack 3.6.4 is the official release of NetHack that follows NetHack 3.6.3 +and contains all bug fixes since then, including one security-related +fix for a vulnerability potentially impacting 3.6.0, 3.6.1, 3.6.2, and 3.6.3. +The file doc/fixes36.4 in the source distribution has a full list of them. The +text in there was written for the development team's own use and is provided +"as is", so please do not ask us to further explain the entries in that file. +Some entries might be considered "spoilers", particularly in the "new features" +section. Below you will find some other general notes that were not considered spoilers: - * Fixed stale 'thrownobj' pointer for returning thrown aklys while engulfed - * Fixed uarmh null pointer dereference if a helm of opposite alignment came - * off due to being polymorphed - * Fixed 'object lost' panic when attempting to crawl of of the water during - * emergency disrobing/dropping - * Running now stops when moving over engravings so you can tell where they - * are - * Fixed detection of unseen/secret doors which failed to find monsters hiding - * under objects and failed to find monsters hiding at trap locations - * Ensured fatal status conditions made it to disclosure and/or dumplog - * Fixed "Bad fruit #N" warnings when saving bones with 'perm_invent' On - * Fixed it so yellow dragons don't have green breath - * Added several grammar corrections - * Improved recognition of deafness for several situations including the - * playing of musical instruments and bribing negotiations with demon lords - * Fixed ignoring of god's wrath when hero injured himself during altar kick - * Fixed several cases where persistent inventory window was not updated - * Fixed temple priests or shopkeepers moving over other monsters - * Fixed a crash-causing bug when putting on levitation boots over a sink - * Ensured that thrown or kicked objects will end up in bones - * Made water go all the way to the edges of level on the Plane of Water - * Made clouds disrupt line of sight along the edges of the Plane of Air - * Improved and expanded usage of status highlighting percentage rules - * Added more than 15 improvements and fixes to the curses window port - * Added and documented significant changes to default directory choices for - * the Windows platform - * Improved the layout and display of the player selection dialog used on the - * Windows graphical implementation - * Improved performance of some tty versions by reducing the number of - * function calls made from mapglyph - * Allowed the msdos implementation to build with curses and PDCurses - * Over 100 other fixes and improvements + * GDBPATH and GREPPATH from sysconf or -D... on compilation command line were + * being processed even if PANICTRACE was disabled but only being freed + * at end of game when that was enabled + * fix the article used in the message when your steed encounters a polymorph trap + * dozen-ish assorted spelling/typo fixes in messages and source comments + * fix potential buffer overflow when parsing run-time configuration file - - - - - - - - - - - @@ -57,13 +32,13 @@ Please read items (1), (2) and (3) BEFORE doing anything with your new code. call it. 2. Having unpacked, you should have a file called 'Files' in your Top - directory. + directory. This file contains the list of all the files you now SHOULD have in each directory. Please check the files in each directory against this list to make sure that you have a complete set. - This file also contains a list of what files are created during + This file also contains a list of what files are created during the build process. The names of the directories listed should not be changed unless you @@ -88,7 +63,7 @@ Please read items (1), (2) and (3) BEFORE doing anything with your new code. At the time of this release, NetHack 3.6 has been tested to run/compile on: - Intel Pentium or better (or clone) running Linux, BSDI, or + Intel Pentium or better (or clone) running Linux, BSDI, or Windows (7 through 10) Intel 80386 or greater (or clone) boxes running Linux, or BSDI Mac OS X 10.11 (follow the instructions in sys/unix, not sys/mac) @@ -97,8 +72,8 @@ Please read items (1), (2) and (3) BEFORE doing anything with your new code. Instructions have been provided by way of community contribution on: msdos protected mode using djgpp - Previous versions of NetHack were tested and known to run on the - following systems, but it is unknown if they can still build and + Previous versions of NetHack were tested and known to run on the + following systems, but it is unknown if they can still build and execute NetHack 3.6: Apple Macintosh running MacOS 7.5 or higher, LinuxPPC, BeOS 4.0 @@ -151,7 +126,7 @@ Please read items (1), (2) and (3) BEFORE doing anything with your new code. - - - - - - - - - - - -If you have problems building the game, or you find bugs in it, we recommend +If you have problems building the game, or you find bugs in it, we recommend filing a bug report from our "Contact Us" web page at: https://www.nethack.org/common/contact.html Please include the version information from #version or the command line @@ -165,12 +140,12 @@ available can be obtained via git here: When sending correspondence, please observe the following: o Please be sure to include your machine type, OS, and patchlevel. -o Please avoid sending us binary files (e.g. save files or bones files). +o Please avoid sending us binary files (e.g. save files or bones files). If you have found a bug and think that your save file would aid in solving - the problem, send us a description in words of the problem, your machine - type, your operating system, and the version of NetHack. Tell us that you + the problem, send us a description in words of the problem, your machine + type, your operating system, and the version of NetHack. Tell us that you have a save file, but do not actually send it. - You may then be contacted by a member of the development team with the + You may then be contacted by a member of the development team with the address of a specific person to send the save file to. o Though we make an effort to reply to each bug report, it may take some time before you receive feedback. This is especially true during the @@ -179,16 +154,16 @@ o We don't give hints for playing the game. o Don't bother to ask when the next version will be out or you can expect to receive a stock answer. -If you want to submit a patch for the NetHack source code via email directly, +If you want to submit a patch for the NetHack source code via email directly, you can direct it to this address: nethack-bugs (at) nethack.org -If a feature is not accepted you are free, of course, to post the patches +If a feature is not accepted you are free, of course, to post the patches to the net yourself and let the marketplace decide their worth. All of this amounts to the following: If you decide to apply a free-lanced patch to your 3.6 code, you are welcome to do so, of course, but we won't -be able to provide support or receive bug reports for it. +be able to provide support or receive bug reports for it. In our own patches, we will assume that your code is synchronized with ours. diff --git a/dat/history b/dat/history index 50cb7ca1a..7dcaaca18 100644 --- a/dat/history +++ b/dat/history @@ -223,6 +223,9 @@ for decades, joined the NetHack Development Team in late May 2019. NetHack 3.6.3 was released on December 5, 2019 containing over 190 bug fixes to NetHack 3.6.2. +NetHack 3.6.4 was released on December 17, 2019 containing a security +fix and a few bug fixes. + The official NetHack web site is maintained by Ken Lorber at http://www.nethack.org/. diff --git a/doc/Guidebook.mn b/doc/Guidebook.mn index 35ecfa425..8d753d9f8 100644 --- a/doc/Guidebook.mn +++ b/doc/Guidebook.mn @@ -24,7 +24,7 @@ .ds vr "NetHack 3.6 .ds f0 "\*(vr .ds f1 -.ds f2 "December 5, 2019 +.ds f2 "December 17, 2019 . .\" A note on some special characters: .\" \(lq = left double quote @@ -5151,6 +5151,9 @@ participant for decades, joined the NetHack Development Team in late May 2019. NetHack 3.6.3 was released on December 5, 2019 containing over 190 bug fixes to NetHack 3.6.2. .pg +NetHack 3.6.4 was released on December 17, 2019 containing a security fix +and a few bug fixes. +.pg The official NetHack web site is maintained by \fBKen Lorber\fP at .UR https://www.nethack.org/ . diff --git a/doc/Guidebook.tex b/doc/Guidebook.tex index 049aa8598..36d459db0 100644 --- a/doc/Guidebook.tex +++ b/doc/Guidebook.tex @@ -45,7 +45,7 @@ %.au \author{Original version - Eric S. Raymond\\ (Edited and expanded for 3.6 by Mike Stephenson and others)} -\date{December 5, 2019} +\date{December 17, 2019} \maketitle @@ -5753,6 +5753,11 @@ for decades, joined the {\it NetHack Development Team} in late May 2019. NetHack 3.6.3 was released on December 5, 2019 containing over 190 bug fixes to NetHack 3.6.2. +%.pg +\medskip +NetHack 3.6.4 was released on December 17, 2019 containing a security fix and +a few bug fixes. + %.pg \medskip \nd The official {\it NetHack\/} web site is maintained by {\it Ken Lorber} at diff --git a/include/global.h b/include/global.h index 5c02491c3..a2b70d258 100644 --- a/include/global.h +++ b/include/global.h @@ -19,7 +19,7 @@ /* * Development status of this NetHack version. */ -#define NH_DEVEL_STATUS NH_STATUS_POSTRELEASE +#define NH_DEVEL_STATUS NH_STATUS_RELEASED #ifndef DEBUG /* allow tool chains to define without causing warnings */ #define DEBUG diff --git a/include/patchlevel.h b/include/patchlevel.h index c945e68b5..01e1c3438 100644 --- a/include/patchlevel.h +++ b/include/patchlevel.h @@ -9,7 +9,7 @@ /* * PATCHLEVEL is updated for each release. */ -#define PATCHLEVEL 3 +#define PATCHLEVEL 4 /* * Incrementing EDITLEVEL can be used to force invalidation of old bones * and save files. @@ -36,6 +36,15 @@ /****************************************************************************/ /* Version 3.6.x */ +/* Patch 4, December 17, 2019 + * GDBPATH and GREPPATH from sysconf or -D... on compilation command line were + * being processed even if PANICTRACE was disabled but only being freed + * at end of game when that was enabled + * fix the article used in the message when your steed encounters a polymorph trap + * dozen-ish assorted spelling/typo fixes in messages and source comments + * fix potential buffer overflow when parsing run-time configuration file + */ + /* Patch 3, December 5, 2019 * * Fixed stale 'thrownobj' pointer for returning thrown aklys while engulfed diff --git a/src/windows.c b/src/windows.c index 0f0ccb4ed..974479187 100644 --- a/src/windows.c +++ b/src/windows.c @@ -1157,7 +1157,7 @@ boolean fullsubs; /* True -> full substitution for file name, False -> else Strcpy(tmpbuf, "{current date+time}"); break; - case 'v': /* version, eg. "3.6.3-0" */ + case 'v': /* version, eg. "3.6.4-0" */ Sprintf(tmpbuf, "%s", version_string(verbuf)); break; case 'u': /* UID */ diff --git a/sys/amiga/.gitattributes b/sys/amiga/.gitattributes index 5df6a5f30..f969b5ebc 100644 --- a/sys/amiga/.gitattributes +++ b/sys/amiga/.gitattributes @@ -1,2 +1,2 @@ *.p NHSUBST -* NH_filestag=(file%s_for_Amiga_versions_-_untested_for_3.6.3) +* NH_filestag=(file%s_for_Amiga_versions_-_untested_for_3.6.4) diff --git a/sys/atari/.gitattributes b/sys/atari/.gitattributes index 66c510f6c..ff75d0637 100644 --- a/sys/atari/.gitattributes +++ b/sys/atari/.gitattributes @@ -1 +1 @@ -* NH_filestag=(file%s_for_Atari_version_-_untested_for_3.6.3) +* NH_filestag=(file%s_for_Atari_version_-_untested_for_3.6.4) diff --git a/sys/be/.gitattributes b/sys/be/.gitattributes index 9d9a35874..76b400189 100644 --- a/sys/be/.gitattributes +++ b/sys/be/.gitattributes @@ -1 +1 @@ -* NH_filestag=(file%s_for_BeOS_version_-_untested_for_3.6.3) +* NH_filestag=(file%s_for_BeOS_version_-_untested_for_3.6.4) diff --git a/sys/msdos/.gitattributes b/sys/msdos/.gitattributes index 77cd3847b..a0b35794c 100644 --- a/sys/msdos/.gitattributes +++ b/sys/msdos/.gitattributes @@ -4,6 +4,6 @@ Makefile.* NHSUBST Install.* NHSUBST moveinit.pat NH_header=no vesa.h NH_header=no -* NH_filestag=(file%s_for_MSDOS_version_-_tested_for_3.6.3_via_cross-compile_only) +* NH_filestag=(file%s_for_MSDOS_version_-_tested_for_3.6.4_via_partial_cross-compile_only) nhico.uu NH_filestag=(file%s_for_running_MSDOS_binary_under_Windows) nhpif.uu NH_filestag=>nhico.uu diff --git a/sys/os2/.gitattributes b/sys/os2/.gitattributes index 0537d04f5..d3d1c307d 100644 --- a/sys/os2/.gitattributes +++ b/sys/os2/.gitattributes @@ -1,2 +1,2 @@ Makefile.* NHSUBST -* NH_filestag=(file%s_for_OS/2_version_-_untested_for_3.6.3) +* NH_filestag=(file%s_for_OS/2_version_-_untested_for_3.6.4) diff --git a/sys/share/.gitattributes b/sys/share/.gitattributes index a34fbc350..271c3c59f 100644 --- a/sys/share/.gitattributes +++ b/sys/share/.gitattributes @@ -5,16 +5,16 @@ dgn_comp.h NH_header=no lev_comp.h NH_header=no Makefile.lib NH_header=no -Makefile.lib NH_filestag=(file%s_for_MSDOS_and_OS/2_versions_-_untested_for_3.6.3) -#termcap.uu NH_filestag=(file%s_for_MSDOS_and_OS/2_versions_-_untested_for_3.6.3) +Makefile.lib NH_filestag=(file%s_for_MSDOS_and_OS/2_versions_-_untested_for_3.6.4) +#termcap.uu NH_filestag=(file%s_for_MSDOS_and_OS/2_versions_-_untested_for_3.6.4) termcap.uu NH_filestag=>Makefile.lib -pcmain.c NH_filestag=(file_for_MSDOS,_OS/2,_Amiga,_and_Atari_versions_-_untested_for_3.6.3) +pcmain.c NH_filestag=(file_for_MSDOS,_OS/2,_Amiga,_and_Atari_versions_-_untested_for_3.6.4) -pcsys.c NH_filestag=(file%s_for_MSDOS,_OS/2_and_Atari_versions_-_tested_on_MSDOS_for_3.6.3_via_cross-compile_only) +pcsys.c NH_filestag=(file%s_for_MSDOS,_OS/2_and_Atari_versions_-_tested_on_MSDOS_for_3.6.4_via_partial_cross-compile_only) pcunix.c NH_filestag=>pcsys.c -NetHack.cnf NH_filestag=(file_for_MSDOS,_OS/2,_and_Atari_versions_-_untested_for_3.6.3) +NetHack.cnf NH_filestag=(file_for_MSDOS,_OS/2,_and_Atari_versions_-_untested_for_3.6.4) pctty.c NH_filestag=>NetHack.cnf ioctl.c NH_filestag=(file%s_for_UNIX_and_Be_versions) diff --git a/sys/unix/README.linux b/sys/unix/README.linux index b98d4cc7c..e96be77cd 100644 --- a/sys/unix/README.linux +++ b/sys/unix/README.linux @@ -26,8 +26,8 @@ home directory you might perform these steps. If you have old record and logfile entries from a previous NetHack version, you might want to save copies before they get overwritten by the new empty -files; old saved games and bones files from 3.6.0 through to 3.6.2 should -work with 3.6.3 but even older saved games and bones files from 3.4.3 will +files; old saved games and bones files from 3.6.0 through to 3.6.3 should +work with 3.6.4 but even older saved games and bones files from 3.4.3 will not. If you are installing from the RPM, there is no need to save the old record and logfile; they are automatically preserved. diff --git a/sys/unix/sysconf b/sys/unix/sysconf index 7a5c8a1c4..b8bfbcb9a 100644 --- a/sys/unix/sysconf +++ b/sys/unix/sysconf @@ -95,7 +95,7 @@ MAXPLAYERS=10 # Only available if NetHack was compiled with DUMPLOG # Allows following placeholders: # %% literal '%' -# %v version (eg. "3.6.3-0") +# %v version (eg. "3.6.4-0") # %u game UID # %t game start time, UNIX timestamp format # %T current time, UNIX timestamp format diff --git a/sys/vms/Install.vms b/sys/vms/Install.vms index 8c4bb2ee2..37418f261 100644 --- a/sys/vms/Install.vms +++ b/sys/vms/Install.vms @@ -1,4 +1,4 @@ - Instructions for Building and Installing NetHack 3.6.3 + Instructions for Building and Installing NetHack 3.6.4 on a VMS (aka OpenVMS) system ========================================= @@ -146,8 +146,8 @@ Notes: 0. Version 3.5.x was never publicly released. 1. Save files and bones files from 3.4.x and earlier versions - will not work with 3.6.3, but save files and bones file from 3.6.0, - through 3.6.2 should work. The scoreboard file (RECORD) from 3.6.x + will not work with 3.6.4, but save files and bones file from 3.6.0, + through 3.6.4 should work. The scoreboard file (RECORD) from 3.6.x or 3.4.x or 3.3.x will work. 2. To specify user-preference options in your environment, define the diff --git a/sys/vms/Makefile.src b/sys/vms/Makefile.src index 194a27fc8..566f129d4 100644 --- a/sys/vms/Makefile.src +++ b/sys/vms/Makefile.src @@ -133,7 +133,7 @@ RANDOBJ = isaac64.obj,random.obj # Other things that have to be reconfigured are in vmsconf.h, # and config.h -VERSION = 3.6.3 +VERSION = 3.6.4 MAKEDEFS = $(UTL)makedefs.exe; diff --git a/sys/vms/vmsbuild.com b/sys/vms/vmsbuild.com index 6a9e50f36..50dd41fc2 100755 --- a/sys/vms/vmsbuild.com +++ b/sys/vms/vmsbuild.com @@ -1,5 +1,5 @@ $ ! vms/vmsbuild.com -- compile and link NetHack 3.6.* [pr] -$ version_number = "3.6.3" +$ version_number = "3.6.4" $ ! $NHDT-Date: 1557701518 2019/05/12 22:51:58 $ $NHDT-Branch: NetHack-3.6 $:$NHDT-Revision: 1.23 $ $ ! Copyright (c) 2018 by Robert Patrick Rankin $ ! NetHack may be freely redistributed. See license for details. diff --git a/sys/wince/.gitattributes b/sys/wince/.gitattributes index 8e28791ce..70924b994 100644 --- a/sys/wince/.gitattributes +++ b/sys/wince/.gitattributes @@ -1,4 +1,4 @@ *.ce NHSUBST *.mak NHSUBST *.bat NHSUBST -* NH_filestag=(file%s_for_Windows_CE_and_PocketPC_-_untested_for_3.6.3) +* NH_filestag=(file%s_for_Windows_CE_and_PocketPC_-_untested_for_3.6.4) diff --git a/sys/wince/ceinc/.gitattributes b/sys/wince/ceinc/.gitattributes index 8e72b80f0..e95fe9840 100644 --- a/sys/wince/ceinc/.gitattributes +++ b/sys/wince/ceinc/.gitattributes @@ -1 +1 @@ -* NH_filestag=(header_file%s_for_Windows_CE_and_PocketPC_-_untested_for_3.6.3) +* NH_filestag=(header_file%s_for_Windows_CE_and_PocketPC_-_untested_for_3.6.4) diff --git a/sys/wince/winhack.rc b/sys/wince/winhack.rc index c85fdec67..b928c3b04 100644 --- a/sys/wince/winhack.rc +++ b/sys/wince/winhack.rc @@ -284,8 +284,8 @@ END // VS_VERSION_INFO VERSIONINFO - FILEVERSION 3,6,3,0 - PRODUCTVERSION 3,6,3,0 + FILEVERSION 3,6,4,0 + PRODUCTVERSION 3,6,4,0 FILEFLAGSMASK 0x3fL #ifdef _DEBUG FILEFLAGS 0x9L @@ -300,17 +300,17 @@ BEGIN BEGIN BLOCK "040904b0" BEGIN - VALUE "Comments", "NetHack 3.6.3 for Windows CE\0" + VALUE "Comments", "NetHack 3.6.4 for Windows CE\0" VALUE "CompanyName", " \0" VALUE "FileDescription", "nethackm\0" - VALUE "FileVersion", "3, 6, 3, 0\0" + VALUE "FileVersion", "3, 6, 4, 0\0" VALUE "InternalName", "nethackm\0" VALUE "LegalCopyright", "Copyright © 1985-2019\0" VALUE "LegalTrademarks", "\0" VALUE "OriginalFilename", "nethackm.exe\0" VALUE "PrivateBuild", "090914\0" VALUE "ProductName", "NetHack\0" - VALUE "ProductVersion", "3, 6, 3, 0\0" + VALUE "ProductVersion", "3, 6, 4, 0\0" VALUE "SpecialBuild", "\0" END END diff --git a/sys/wince/winhcksp.rc b/sys/wince/winhcksp.rc index 04f7aec40..3e5373a2f 100644 --- a/sys/wince/winhcksp.rc +++ b/sys/wince/winhcksp.rc @@ -260,8 +260,8 @@ END // VS_VERSION_INFO VERSIONINFO - FILEVERSION 3,6,3,0 - PRODUCTVERSION 3,6,3,0 + FILEVERSION 3,6,4,0 + PRODUCTVERSION 3,6,4,0 FILEFLAGSMASK 0x3fL #ifdef _DEBUG FILEFLAGS 0x9L @@ -276,17 +276,17 @@ BEGIN BEGIN BLOCK "040904b0" BEGIN - VALUE "Comments", "NetHack 3.6.3 for Smartphone 2002\0" + VALUE "Comments", "NetHack 3.6.4 for Smartphone 2002\0" VALUE "CompanyName", " \0" VALUE "FileDescription", "nethackm\0" - VALUE "FileVersion", "3, 6, 3, 0\0" + VALUE "FileVersion", "3, 6, 4, 0\0" VALUE "InternalName", "nethackm\0" VALUE "LegalCopyright", "Copyright © 1985-2019\0" VALUE "LegalTrademarks", "\0" VALUE "OriginalFilename", "nethackm.exe\0" VALUE "PrivateBuild", "090914\0" VALUE "ProductName", "NetHack For Smartphone\0" - VALUE "ProductVersion", "3, 6, 3, 0\0" + VALUE "ProductVersion", "3, 6, 4, 0\0" VALUE "SpecialBuild", "\0" END END diff --git a/sys/winnt/Install.nt b/sys/winnt/Install.nt index 5b87226c1..7ef199034 100644 --- a/sys/winnt/Install.nt +++ b/sys/winnt/Install.nt @@ -16,7 +16,7 @@ contributed the port. Alex Kompel, Dion Nicolaas, Yitzhak Sapir, Derek S. Ray, Michael Allison, Pasi Kallinen, Bart House, and Janet Walz contributed to the maintainance -of the tty and graphical windows versions of NetHack 3.6.3. +of the tty and graphical windows versions of NetHack 3.6.4. You can build a TTY version of NetHack and a Windows Graphical version. You can use one of the following build environments: @@ -151,7 +151,7 @@ a 32-bit x86 version, or a 64-bit x64 version. The default Makefile is set up for a 32-bit x86 version, but that's only because it will run on the most number of existing Windows environments. -NetHack's save files and bones files in the 3.6.3 release have not yet +NetHack's save files and bones files in the 3.6.4 release have not yet evolved enough to allow them to interchange between the 32-bit version and the 64-bit version (or between different platforms). Hopefully that will change in an upcoming release. diff --git a/sys/winnt/Makefile.gcc b/sys/winnt/Makefile.gcc index d19532369..a1eead86f 100644 --- a/sys/winnt/Makefile.gcc +++ b/sys/winnt/Makefile.gcc @@ -139,7 +139,7 @@ SKIP_NETHACKW=Y #============================================================================== # The version of the game this Makefile was designed for -NETHACK_VERSION="3.6.3" +NETHACK_VERSION="3.6.4" # A brief version for use in macros NHV1=$(subst .,,$(NETHACK_VERSION)) diff --git a/sys/winnt/Makefile.msc b/sys/winnt/Makefile.msc index 550c71fc0..2ecca426b 100644 --- a/sys/winnt/Makefile.msc +++ b/sys/winnt/Makefile.msc @@ -93,7 +93,7 @@ DEBUGINFO = Y #============================================================================== # # The version of the game this Makefile was designed for -NETHACK_VERSION="3.6.3" +NETHACK_VERSION="3.6.4" # A brief version for use in macros NHV=$(NETHACK_VERSION:.=) diff --git a/sys/winnt/nethack.def b/sys/winnt/nethack.def index bc08347a1..67f372a46 100644 --- a/sys/winnt/nethack.def +++ b/sys/winnt/nethack.def @@ -1,5 +1,5 @@ NAME NETHACK -DESCRIPTION 'NetHack 3.6.3 for Windows' +DESCRIPTION 'NetHack 3.6.4 for Windows' EXETYPE WINDOWS STUB 'WINSTUB.EXE' CODE PRELOAD MOVEABLE DISCARDABLE diff --git a/sys/winnt/sysconf.template b/sys/winnt/sysconf.template index fccec7fe6..e8b70015f 100644 --- a/sys/winnt/sysconf.template +++ b/sys/winnt/sysconf.template @@ -24,7 +24,7 @@ WIZARDS=* # Only available if NetHack was compiled with DUMPLOG # Allows following placeholders: # %% literal '%' -# %v version (eg. "3.6.3-0") +# %v version (eg. "3.6.4-0") # %u game UID # %t game start time, UNIX timestamp format # %T current time, UNIX timestamp format @@ -77,6 +77,9 @@ WIZARDS=* # IMPORTANT: If you change any of these locations, the directories they # point at must exist. NetHack will not create them for you. # +# Before adjusting, you can verify the default locations for files with: +# nethack --showpaths +# # The location that users can adjust their config file startup options #CONFIGDIR=%USERPROFILE%\NetHack # @@ -88,7 +91,7 @@ WIZARDS=* #HACKDIR=%USERPROFILE%\NetHack\3.6 # # The location that level files in progress are stored (writeable) -LEVELDIR=%USERPROFILE%\AppData\Local\NetHack\3.6 +#LEVELDIR=%USERPROFILE%\AppData\Local\NetHack\3.6 # # The location where saved games are kept (writeable) #SAVEDIR=%USERPROFILE%\AppData\Local\NetHack\3.6 diff --git a/util/makedefs.c b/util/makedefs.c index 22194eafa..2bb521b70 100644 --- a/util/makedefs.c +++ b/util/makedefs.c @@ -53,7 +53,7 @@ #endif #if defined(UNIX) && !defined(LINT) && !defined(GCC_WARN) -static const char SCCS_Id[] UNUSED = "@(#)makedefs.c\t3.6\t2019/12/05"; +static const char SCCS_Id[] UNUSED = "@(#)makedefs.c\t3.6\t2019/12/17"; #endif /* names of files to be generated */ diff --git a/win/gem/.gitattributes b/win/gem/.gitattributes index e108c78d7..3c4d1eef1 100644 --- a/win/gem/.gitattributes +++ b/win/gem/.gitattributes @@ -1 +1 @@ -* NH_filestag=(file%s_for_GEM_versions_-_untested_for_3.6.3) +* NH_filestag=(file%s_for_GEM_versions_-_untested_for_3.6.4) diff --git a/win/gnome/.gitattributes b/win/gnome/.gitattributes index 013227bc8..6f8e9f364 100644 --- a/win/gnome/.gitattributes +++ b/win/gnome/.gitattributes @@ -1 +1 @@ -* NH_filestag=(file%s_for_GNOME_versions_-_untested_for_3.6.3) +* NH_filestag=(file%s_for_GNOME_versions_-_untested_for_3.6.4) diff --git a/win/macosx/NetHackGuidebook.applescript b/win/macosx/NetHackGuidebook.applescript index dd05a3a8f..977d4d713 100644 --- a/win/macosx/NetHackGuidebook.applescript +++ b/win/macosx/NetHackGuidebook.applescript @@ -1,5 +1,5 @@ #!/usr/bin/osascript -# NetHack 3.6.3 NetHackGuidebook.applescript $NHDT-Date: 1575245175 2019/12/02 00:06:15 $ $NHDT-Branch: NetHack-3.6 $:$NHDT-Revision: 1.10 $ +# NetHack 3.6 NetHackGuidebook.applescript $NHDT-Date: 1575245175 2019/12/02 00:06:15 $ $NHDT-Branch: NetHack-3.6 $:$NHDT-Revision: 1.10 $ # Copyright (c) Kenneth Lorber, Kensington, Maryland, 2011 # NetHack may be freely redistributed. See license for details. diff --git a/win/win32/NetHackW.rc b/win/win32/NetHackW.rc index 59381dd90..a98f6f021 100644 --- a/win/win32/NetHackW.rc +++ b/win/win32/NetHackW.rc @@ -320,8 +320,8 @@ END // VS_VERSION_INFO VERSIONINFO - FILEVERSION 3,6,3,0 - PRODUCTVERSION 3,6,3,0 + FILEVERSION 3,6,4,0 + PRODUCTVERSION 3,6,4,0 FILEFLAGSMASK 0x1fL #ifdef _DEBUG FILEFLAGS 0x9L @@ -337,13 +337,13 @@ BEGIN BLOCK "040904b0" BEGIN VALUE "FileDescription", "NetHack for Windows - Graphical Interface" - VALUE "FileVersion", "3.6.3" + VALUE "FileVersion", "3.6.4" VALUE "InternalName", "NetHackW" VALUE "LegalCopyright", "Copyright (C) 1985 - 2019. By Stichting Mathematisch Centrum and M. Stephenson. See license for details." VALUE "OriginalFilename", "NetHackW.exe" VALUE "PrivateBuild", "140606" VALUE "ProductName", "NetHack" - VALUE "ProductVersion", "3.6.3" + VALUE "ProductVersion", "3.6.4" END END BLOCK "VarFileInfo" diff --git a/win/win32/mswproc.c b/win/win32/mswproc.c index 324418f0c..f117fc3ce 100644 --- a/win/win32/mswproc.c +++ b/win/win32/mswproc.c @@ -2316,7 +2316,7 @@ logDebug(const char *fmt, ...) /* Reading and writing settings from the registry. */ #define CATEGORYKEY "Software" #define COMPANYKEY "NetHack" -#define PRODUCTKEY "NetHack 3.6.3" +#define PRODUCTKEY "NetHack 3.6.4" #define SETTINGSKEY "Settings" #define MAINSHOWSTATEKEY "MainShowState" #define MAINMINXKEY "MainMinX" diff --git a/win/win32/nethack.rc b/win/win32/nethack.rc index c7ee38399..3f30ae2c4 100644 --- a/win/win32/nethack.rc +++ b/win/win32/nethack.rc @@ -60,8 +60,8 @@ IDI_ICON1 ICON "nethack.ico" // VS_VERSION_INFO VERSIONINFO - FILEVERSION 3,6,3,0 - PRODUCTVERSION 3,6,3,0 + FILEVERSION 3,6,4,0 + PRODUCTVERSION 3,6,4,0 FILEFLAGSMASK 0x1fL #ifdef _DEBUG FILEFLAGS 0x9L @@ -77,12 +77,12 @@ BEGIN BLOCK "040904b0" BEGIN VALUE "FileDescription", "NetHack for Windows - TTY Interface" - VALUE "FileVersion", "3.6.3" + VALUE "FileVersion", "3.6.4" VALUE "InternalName", "NetHack" VALUE "LegalCopyright", "Copyright (C) 1985 - 2019. By Stichting Mathematisch Centrum and M. Stephenson. See license for details." VALUE "OriginalFilename", "NetHack.exe" VALUE "ProductName", "NetHack" - VALUE "ProductVersion", "3.6.3" + VALUE "ProductVersion", "3.6.4" END END BLOCK "VarFileInfo" From f4a840a48f4bcf11757b3d859e9d53cc9d5ef226 Mon Sep 17 00:00:00 2001 From: PatR Date: Fri, 13 Dec 2019 13:36:38 -0800 Subject: [PATCH 7/7] fix potential buffer overflow loading config file --- doc/fixes36.4 | 21 +++++---------------- src/files.c | 35 +++++++++++++++++++++++------------ 2 files changed, 28 insertions(+), 28 deletions(-) diff --git a/doc/fixes36.4 b/doc/fixes36.4 index f1ec65af0..441dd7770 100644 --- a/doc/fixes36.4 +++ b/doc/fixes36.4 @@ -1,8 +1,8 @@ $NHDT-Branch: NetHack-3.6 $:$NHDT-Revision: 1.4 $ $NHDT-Date: 1576287569 2019/12/14 01:39:29 $ -This fixes36.4 file is here to capture information about updates in the 3.6.x -lineage following the release of 3.6.3 in December 2019. Hypothetical version -3.6.4 may not be released, in which case these fixes will appear in 3.7.0. +fixes36.4 contains a terse summary of changes made to 3.6.3 in order to +produce 3.6.4. + General Fixes and Modified Features ----------------------------------- @@ -15,11 +15,7 @@ message "your knapsack can't accomodate any more items" when picking stuff up or removing such from container was inaccurate if there was some gold pending; vary the message rather than add more convoluted pickup code dozen-ish assorted spelling/typo fixes in messages and source comments -flying hero could not use a hole deliberately with '>' - - -Fixes to Post-3.6.3 Problems that Were Exposed Via git Repository ------------------------------------------------------------------- +fix potential buffer overflow when parsing run-time configuration file Platform- and/or Interface-Specific Fixes or Features @@ -30,13 +26,6 @@ allow run-from-removable-device on Windows General New Features -------------------- - - -NetHack Community Patches (or Variation) Included -------------------------------------------------- - - -Code Cleanup and Reorganization -------------------------------- +none diff --git a/src/files.c b/src/files.c index 7f9cf65b0..5e500ae3a 100644 --- a/src/files.c +++ b/src/files.c @@ -2309,10 +2309,14 @@ char *origbuf; int len; boolean retval = TRUE; + while (*origbuf == ' ' || *origbuf == '\t') /* skip leading whitespace */ + ++origbuf; /* (caller probably already did this) */ + (void) strncpy(buf, origbuf, sizeof buf - 1); + buf[sizeof buf - 1] = '\0'; /* strncpy not guaranteed to NUL terminate */ /* convert any tab to space, condense consecutive spaces into one, remove leading and trailing spaces (exception: if there is nothing but spaces, one of them will be kept even though it leads/trails) */ - mungspaces(strcpy(buf, origbuf)); + mungspaces(buf); /* find the '=' or ':' */ bufp = find_optparam(buf); @@ -3034,7 +3038,11 @@ boolean proc_wizkit_line(buf) char *buf; { - struct obj *otmp = readobjnam(buf, (struct obj *) 0); + struct obj *otmp; + + if (strlen(buf) >= BUFSZ) + buf[BUFSZ - 1] = '\0'; + otmp = readobjnam(buf, (struct obj *) 0); if (otmp) { if (otmp != &zeroobj) @@ -3142,22 +3150,23 @@ boolean FDECL((*proc), (char *)); /* merge now read line with previous ones, if necessary */ if (!ignoreline) { - len = (int) strlen(inbuf) + 1; + len = (int) strlen(ep) + 1; /* +1: final '\0' */ if (buf) - len += (int) strlen(buf); + len += (int) strlen(buf) + 1; /* +1: space */ tmpbuf = (char *) alloc(len); + *tmpbuf = '\0'; if (buf) { - Sprintf(tmpbuf, "%s %s", buf, inbuf); + Strcat(strcpy(tmpbuf, buf), " "); free(buf); - } else - Strcpy(tmpbuf, inbuf); - buf = tmpbuf; + } + buf = strcat(tmpbuf, ep); + buf[sizeof inbuf - 1] = '\0'; } if (morelines || (ignoreline && !oldline)) continue; - if (handle_config_section(ep)) { + if (handle_config_section(buf)) { free(buf); buf = (char *) 0; continue; @@ -3179,11 +3188,11 @@ boolean FDECL((*proc), (char *)); } bufp++; if (config_section_chosen) - free(config_section_chosen); + free(config_section_chosen), config_section_chosen = 0; section = choose_random_part(bufp, ','); - if (section) + if (section) { config_section_chosen = dupstr(section); - else { + } else { config_error_add("No config section to choose"); rv = FALSE; } @@ -3300,6 +3309,8 @@ int which_set; struct symparse *symp; char *bufp, *commentp, *altp; + if (strlen(buf) >= BUFSZ) + buf[BUFSZ - 1] = '\0'; /* convert each instance of whitespace (tabs, consecutive spaces) into a single space; leading and trailing spaces are stripped */ mungspaces(buf);