fix buffer overrun (games group vulnerability) when running nethack -s

patch from nethack.org

2 files changed, 22 insertions, 1 deletions

diff --git a/games/nethack-x11/distinfo b/games/nethack-x11/distinfo
index 315bbc6ef82..95a4794a157 100644
--- a/games/nethack-x11/distinfo
+++ b/games/nethack-x11/distinfo
@@ -1,4 +1,4 @@
-$NetBSD: distinfo,v 1.7 2002/09/23 10:10:51 jlam Exp $
+$NetBSD: distinfo,v 1.8 2003/02/19 20:25:21 pooka Exp $
 
 SHA1 (nethack-340.tgz) = db480f5bf94372a8f87ee4d081f83efd99b31523
 Size (nethack-340.tgz) = 3270905 bytes
@@ -9,3 +9,4 @@ SHA1 (patch-ae) = b6d0cca1e3d781a2a1f1d4b244e944eaedfec716
 SHA1 (patch-af) = 20c37fd62b05121d834d3c42cf3aa48b018b362d
 SHA1 (patch-ag) = 6aeae6bde079b9c9081f6e32523687010c9bc674
 SHA1 (patch-ah) = 9cb29ef166fefa5672cad337e00fc960b46140eb
+SHA1 (patch-ai) = 12763f8759de2c9b13d0e77f18e8e6aa69a031dc
diff --git a/games/nethack-x11/patches/patch-ai b/games/nethack-x11/patches/patch-ai
new file mode 100644
index 00000000000..7586a2f963c
--- /dev/null
+++ b/games/nethack-x11/patches/patch-ai
@@ -0,0 +1,20 @@
+$NetBSD: patch-ai,v 1.1 2003/02/19 20:25:22 pooka Exp $
+
+*** src/topten.c.orig	Mon Feb  4 08:06:07 2002
+--- src/topten.c	Mon Feb 10 10:48:55 2003
+***************
+*** 856,861 ****
+--- 856,867 ----
+  	    else {
+  		if (playerct > 1) Strcat(pbuf, "any of ");
+  		for (i = 0; i < playerct; i++) {
++ 		    /* stop printing players if there are too many to fit */
++ 		    if (strlen(pbuf) + strlen(players[i]) + 2 >= BUFSZ) {
++ 			if (strlen(pbuf) < BUFSZ-4) Strcat(pbuf, "...");
++ 			else Strcpy(pbuf+strlen(pbuf)-4, "...");
++ 			break;
++ 		    }
+  		    Strcat(pbuf, players[i]);
+  		    if (i < playerct-1) {
+  			if (players[i][0] == '-' &&
+