Fixed possible buffer overflows

author: Markus Uhlin <markus@nifty-networks.net> 2024-08-04 00:59:24 +0200
committer: Markus Uhlin <markus@nifty-networks.net> 2024-08-04 00:59:24 +0200
commit: b66b6d954ba6434e113fe6263682ae476252c41d (patch)
tree: 0e75c43180ba06ced08e04f657bfaa3e02b3d591
parent: f8d6f33ca86eb75b6ee4eee87915df13960e4ecb (diff)
1 files changed, 9 insertions, 5 deletions
diff --git a/FICS/playerdb.c b/FICS/playerdb.c
index 876aa85..79067ae 100644
--- a/FICS/playerdb.c
+++ b/FICS/playerdb.c
@@ -583,24 +583,28 @@ ReadV1PlayerFmt(int p, player *pp, FILE *fp, char *file, int version)
 		}
 	}
 
+	_Static_assert(1023 < ARRAY_SIZE(tmp2), "Array too small");
+
+#define SCAN_STR "%1023s"
+
 	while (size_cens--) {
-		fscanf(fp, "%s", tmp2);
+		fscanf(fp, SCAN_STR, tmp2);
 		list_add(p, L_CENSOR, tmp2);
 	}
 	while (size_not--) {
-		fscanf(fp, "%s", tmp2);
+		fscanf(fp, SCAN_STR, tmp2);
 		list_add(p, L_NOTIFY, tmp2);
 	}
 	while (size_noplay--) {
-		fscanf(fp, "%s", tmp2);
+		fscanf(fp, SCAN_STR, tmp2);
 		list_add(p, L_NOPLAY, tmp2);
 	}
 	while (size_gnot--) {
-		fscanf(fp, "%s", tmp2);
+		fscanf(fp, SCAN_STR, tmp2);
 		list_add(p, L_GNOTIFY, tmp2);
 	}
 	while (size_chan--) {
-		fscanf(fp, "%s", tmp2);
+		fscanf(fp, SCAN_STR, tmp2);
 		list_add(p, L_CHANNEL, tmp2);
 	}
 }
author	Markus Uhlin <markus@nifty-networks.net>	2024-08-04 00:59:24 +0200
committer	Markus Uhlin <markus@nifty-networks.net>	2024-08-04 00:59:24 +0200
commit	b66b6d954ba6434e113fe6263682ae476252c41d (patch)
tree	0e75c43180ba06ced08e04f657bfaa3e02b3d591
parent	f8d6f33ca86eb75b6ee4eee87915df13960e4ecb (diff)