From 51d88681fdb3e104197f0bc186f62bd0599f003e Mon Sep 17 00:00:00 2001 From: pooka Date: Wed, 19 Feb 2003 20:25:20 +0000 Subject: fix buffer overrun (games group vulnerability) when running nethack -s patch from nethack.org --- games/nethack-lib/patches/patch-ah | 20 ++++++++++++++++++++ 1 file changed, 20 insertions(+) create mode 100644 games/nethack-lib/patches/patch-ah (limited to 'games/nethack-lib/patches') diff --git a/games/nethack-lib/patches/patch-ah b/games/nethack-lib/patches/patch-ah new file mode 100644 index 00000000000..529a53b51de --- /dev/null +++ b/games/nethack-lib/patches/patch-ah @@ -0,0 +1,20 @@ +$NetBSD: patch-ah,v 1.1 2003/02/19 20:25:20 pooka Exp $ + +*** src/topten.c.orig Mon Feb 4 08:06:07 2002 +--- src/topten.c Mon Feb 10 10:48:55 2003 +*************** +*** 856,861 **** +--- 856,867 ---- + else { + if (playerct > 1) Strcat(pbuf, "any of "); + for (i = 0; i < playerct; i++) { ++ /* stop printing players if there are too many to fit */ ++ if (strlen(pbuf) + strlen(players[i]) + 2 >= BUFSZ) { ++ if (strlen(pbuf) < BUFSZ-4) Strcat(pbuf, "..."); ++ else Strcpy(pbuf+strlen(pbuf)-4, "..."); ++ break; ++ } + Strcat(pbuf, players[i]); + if (i < playerct-1) { + if (players[i][0] == '-' && + -- cgit v1.2.3