From deccf6a7965207b7ed5960f4fdc0dd7b8082c4be Mon Sep 17 00:00:00 2001
From: PatR <rankin@nethack.org>
Date: Tue, 14 Jan 2020 14:34:03 -0800
Subject: [PATCH] fix sym_val() buffer overrun fix

Fix a mistake in commit 74de7d31e0a6b3e2ebd852e333fe66d212fd6a90.
Copy+paste error resulted in 'strval + 1' when 'strval' is required.
---
 src/options.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/options.c b/src/options.c
index 1f8477193..8b56a87a3 100644
--- a/src/options.c
+++ b/src/options.c
@@ -6202,6 +6202,7 @@ const char *strval; /* up to 4*BUFSZ-1 long; only first few chars matter */
         } else {
             char *p;
 
+            /* +1: skip opening single quote */
             (void) strncpy(tmp, strval + 1, sizeof tmp - 1);
             tmp[sizeof tmp - 1] = '\0';
             if ((p = rindex(tmp, '\'')) != 0) {
@@ -6210,7 +6211,7 @@ const char *strval; /* up to 4*BUFSZ-1 long; only first few chars matter */
             } /* else buf[0] stays '\0' */
         }
     } else { /* not lone char nor single quote */
-        (void) strncpy(tmp, strval + 1, sizeof tmp - 1);
+        (void) strncpy(tmp, strval, sizeof tmp - 1);
         tmp[sizeof tmp - 1] = '\0';
         escapes(tmp, buf);
     }