summaryrefslogtreecommitdiff
path: root/games/nethack34/files/patch-ah
diff options
context:
space:
mode:
authorPeter Pentchev <roam@FreeBSD.org>2003-02-11 13:55:38 +0000
committerPeter Pentchev <roam@FreeBSD.org>2003-02-11 13:55:38 +0000
commitcb0cbed40a74b72b1db1a5755052d691a5865e70 (patch)
tree74e60a2cc6151e441170cb3706ce14c7db6032ea /games/nethack34/files/patch-ah
parentUpdate to 0.6.2. (diff)
Add a patch that fixes this particular misuse of strcat().
Remove the FORBIDDEN keyword with some apprehension: there might well be other holes left :( Bump PORTREVISION for the applied bug (and security-) fix.
Diffstat (limited to '')
-rw-r--r--games/nethack34/files/patch-ah20
1 files changed, 20 insertions, 0 deletions
diff --git a/games/nethack34/files/patch-ah b/games/nethack34/files/patch-ah
new file mode 100644
index 000000000000..a21918f7a656
--- /dev/null
+++ b/games/nethack34/files/patch-ah
@@ -0,0 +1,20 @@
+--- src/topten.c Thu Mar 21 01:43:19 2002
++++ src/topten.c Tue Feb 11 15:36:23 2003
+@@ -855,8 +855,15 @@
+ if (playerct < 1) Strcat(pbuf, "you.");
+ else {
+ if (playerct > 1) Strcat(pbuf, "any of ");
+- for (i = 0; i < playerct; i++) {
+- Strcat(pbuf, players[i]);
++ for (i = 0; i < playerct && strlen(pbuf) < sizeof(pbuf) - 2;
++ i++) {
++ size_t len = strlen(pbuf), rest;
++ if (strlen(players[i]) > sizeof(pbuf) - len - 2) {
++ rest = sizeof(pbuf) - strlen(pbuf) - 2;
++ memcpy(pbuf + len, players[i], rest);
++ pbuf[len + rest] = '\0';
++ } else
++ Strcat(pbuf, players[i]);
+ if (i < playerct-1) {
+ if (players[i][0] == '-' &&
+ index("pr", players[i][1]) && players[i][2] == 0)