nethack -s buffer overflow fix

When printing invalid player names in -s mode, it was possible to overflow
the output buffer due to a missing buffer size check.  On shared Unix-like
systems with executable stacks, this could be used as a security exploit,
e.g. to obtain a shell running as user or group games.
While I was at it, removed a dead block of "#if 0" code.
cohrs
2003-02-10 19:01:58 +00:00
parent 6c1d28753c
commit 8930e5b442
2 changed files with 7 additions and 8 deletions
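The commit message describes the bug class: names appended into a fixed `BUFSZ` output buffer with no length check before each append. The C program below is an added example, not NetHack's code, showing the same bounded append with the "..." truncation policy the fix introduces, generalised into a reusable function and exercised on constructed input. `BUFSZ` is assumed to be 256 here, and the `join_players` name, the `':'` separator and the sample names are assumptions for the example rather than values from the page.

```c
#include <stdio.h>
#include <string.h>

/* Stand-in for NetHack's BUFSZ; 256 is an assumed value for this example. */
#define BUFSZ 256

/*
 * Append up to playerct names to buf, separated by sep, never writing past
 * bufsz bytes (including the terminating NUL).  When the next name would
 * not fit, write a "..." marker instead and stop.  This is the policy the
 * fix applies: add the marker if there is room for it, otherwise overwrite
 * the last four bytes already in buf so the string does not grow.
 * Returns the number of names actually appended, or -1 if bufsz is unusable.
 */
int join_players(char *buf, size_t bufsz, const char **players, int playerct, char sep)
{
    char sepstr[2];
    size_t len;
    int i;

    if (bufsz < 5)              /* need room for at least "..." plus NUL */
        return -1;
    sepstr[0] = sep;
    sepstr[1] = '\0';
    buf[0] = '\0';
    for (i = 0; i < playerct; i++) {
        len = strlen(buf);
        /* name + one-byte separator + NUL must fit; otherwise truncate */
        if (len + strlen(players[i]) + 2 >= bufsz) {
            if (len < bufsz - 4)
                strcat(buf, "...");             /* room left: append marker */
            else
                strcpy(buf + len - 4, "...");   /* no room: replace the tail */
            break;
        }
        strcat(buf, players[i]);
        if (i < playerct - 1)
            strcat(buf, sepstr);
    }
    return i;
}

/*
 * Constructed check: 100 names of namelen 'x' characters can never fit in
 * BUFSZ.  Returns the final string length if the result stayed inside the
 * buffer, ends in "..." and the loop stopped early; -1 otherwise.
 */
int demo_overflow_check(size_t namelen)
{
    static char buf[BUFSZ];
    char name[64];
    const char *names[100];
    size_t len;
    int i, n;

    if (namelen == 0 || namelen >= sizeof name)
        return -1;
    memset(name, 'x', namelen);     /* constructed name of namelen bytes */
    name[namelen] = '\0';
    for (i = 0; i < 100; i++)
        names[i] = name;

    n = join_players(buf, sizeof buf, names, 100, ':');
    len = strlen(buf);
    if (n < 0 || n >= 100 || len >= BUFSZ || len < 3)
        return -1;
    if (strcmp(buf + len - 3, "...") != 0)
        return -1;
    return (int)len;
}

/* Constructed check for the common case: everything fits, nothing is cut. */
int demo_fits(void)
{
    char buf[BUFSZ];
    const char *names[] = { "Alice", "Bob", "Carol" };   /* constructed */
    int n = join_players(buf, sizeof buf, names, 3, ':');
    return n == 3 && strcmp(buf, "Alice:Bob:Carol") == 0;
}

int main(void)
{
    printf("fits: %d\n", demo_fits());
    printf("20-char names -> %d bytes\n", demo_overflow_check(20));
    printf("10-char names -> %d bytes\n", demo_overflow_check(10));
    return 0;
}
```

The `+ 2` reserves one byte for the separator and one for the NUL, which is why the separator is passed as a single `char`; if a longer separator is ever wanted, that constant has to grow with it, otherwise the check stops being a bound.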


@@ -379,6 +379,7 @@ see_monsters() wasn't called when you lost the innate warning intrinsic due
xorns sink if the drawbridge they're standing on is raised
applying figurines to an adjacent spot over water does drowning checks
fix sequencing of Magicbane's hit messages
avoid buffer overflow from long or too many -s params
Platform- and/or Interface-Specific Fixes


@@ -788,14 +788,6 @@ char **argv;
if (!argv[1][2]){ /* plain "-s" */
argc--;
argv++;
#if 0 /* uses obsolete pl_classes[] */
} else if (!argv[1][3] && index(pl_classes, argv[1][2])) {
/* may get this case instead of next accidentally,
* but neither is listed in the documentation, so
* anything useful that happens is a bonus anyway */
argv[1]++;
argv[1][0] = '-';
#endif
} else argv[1] += 2;
if (argc > 1 && !strcmp(argv[1], "-v")) {
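Review bot: the deletion is behaviour-neutral, since the block between `#if 0 /* uses obsolete pl_classes[] */` and `#endif` was already discarded by the preprocessor, so no fixes entry is needed for it; the one follow-up worth making is that `} else argv[1] += 2;` is now left without any comment, so a one-line note that it handles a name glued to the option (skipping the leading `-s`) would preserve the intent the removed comment partly documented.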
@@ -857,6 +849,12 @@ char **argv;
else {
if (playerct > 1) Strcat(pbuf, "any of ");
for (i = 0; i < playerct; i++) {
/* stop printing players if there are too many to fit */
if (strlen(pbuf) + strlen(players[i]) + 2 >= BUFSZ) {
if (strlen(pbuf) < BUFSZ-4) Strcat(pbuf, "...");
else Strcpy(pbuf+strlen(pbuf)-4, "...");
break;
}
Strcat(pbuf, players[i]);
if (i < playerct-1) {
if (players[i][0] == '-' &&
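Review bot: the `+ 2` in `if (strlen(pbuf) + strlen(players[i]) + 2 >= BUFSZ)` silently encodes the terminating NUL plus a one-character separator, but the separator code that follows (starting at `if (players[i][0] == '-' &&`) lies outside this hunk, so the bound only holds if every separator appended there is at most one byte; please state that assumption in the comment (e.g. `/* name + 1-char separator + NUL */`) or fold the separator length into the check explicitly, so a later change to a longer separator cannot reintroduce the overflow. The two truncation branches themselves are sound: `Strcat(pbuf, "...")` runs only when `strlen(pbuf) < BUFSZ-4`, leaving room for three dots and the NUL, and `Strcpy(pbuf+strlen(pbuf)-4, "...")` overwrites the last four bytes in place without growing the string.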