nethack-gwaa-kiwi/nethack
1
0
Fork 0
Code Pull Requests Activity

options bit

Browse Source 
I glanced over the options parsing looking for issues, and it
seems that paranoid_confirm:long-string-of-junk might have been
vulnerable.  So this fixes that.
This commit is contained in:
PatR
2016-05-07 18:39:36 -07:00
parent 70ff2c2b3e
commit bb5f2e4964
1 changed files with 4 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

7
src/options.c
View File

@@ -2546,7 +2546,9 @@ boolean tinitial, tfrom_file;
} else if ((op = string_for_opt(opts, TRUE)) != 0) {
char *pp, buf[BUFSZ];
op = mungspaces(strcpy(buf, op));
strncpy(buf, op, sizeof buf - 1);
buf[sizeof buf - 1] = '\0';
op = mungspaces(buf);
for (;;) {
/* We're looking to parse
"paranoid_confirm:whichone wheretwo whothree"
@@ -3106,8 +3108,7 @@ boolean tinitial, tfrom_file;
if ((op = string_for_opt(opts, FALSE)) != 0) {
if (iflags.wc_tile_file)
free(iflags.wc_tile_file);
iflags.wc_tile_file = (char *) alloc(strlen(op) + 1);
Strcpy(iflags.wc_tile_file, op);
iflags.wc_tile_file = dupstr(op);
}
return;
}