diff options
Diffstat (limited to 'FICS/obsproc.c')
-rw-r--r-- | FICS/obsproc.c | 23 |
1 files changed, 13 insertions, 10 deletions
diff --git a/FICS/obsproc.c b/FICS/obsproc.c index dc47cbe..283ecc3 100644 --- a/FICS/obsproc.c +++ b/FICS/obsproc.c @@ -30,6 +30,8 @@ fscanf(). Markus Uhlin 24/12/02 Improved old_mail_moves() Markus Uhlin 25/01/18 Fixed -Wshadow + Markus Uhlin 25/03/15 Fixed possible buffer overflow + in FindHistory2(). */ #include "stdinclude.h" @@ -994,9 +996,10 @@ FindHistory(int p, int p1, int p_game) } PRIVATE char * -FindHistory2(int p, int p1, int p_game, char *End) +FindHistory2(int p, int p1, int p_game, char *End, const size_t End_size) { FILE *fpHist; + char fmt[80] = { '\0' }; int index = 0; long int when = 0; static char fileName[MAX_FILENAME_SIZE]; @@ -1009,12 +1012,11 @@ FindHistory2(int p, int p1, int p_game, char *End) return NULL; } - do { - int ret; + msnprintf(fmt, sizeof fmt, "%%d %%*c %%*d %%*c %%*d %%*s %%*s %%*d " + "%%*d %%*d %%*d %%*s %%%zus %%ld\n", (End_size - 1)); - ret = fscanf(fpHist, "%d %*c %*d %*c %*d %*s %*s %*d %*d %*d " - "%*d %*s %s %ld", &index, End, &when); - if (ret != 3) + do { + if (fscanf(fpHist, fmt, &index, End, &when) != 3) warn("%s: %s: corrupt", __func__, &fileName[0]); } while (!feof(fpHist) && index != p_game); @@ -1815,14 +1817,15 @@ jsave_history(int p, char save_spot, int p1, int from, char *to_file) char *EndSymbol; char *HistoryFname; char *name_to = parray[p].login; - char End[100]; - char command[MAX_FILENAME_SIZE * 2 + 3]; + char End[100] = { '\0' }; + char command[MAX_FILENAME_SIZE * 2 + 3] = { '\0' }; char filename[MAX_FILENAME_SIZE + 1] = { '\0' }; // XXX - char jfname[MAX_FILENAME_SIZE]; + char jfname[MAX_FILENAME_SIZE] = { '\0' }; char type[4]; int g; - if ((HistoryFname = FindHistory2(p, p1, from, End)) != NULL) { + if ((HistoryFname = FindHistory2(p, p1, from, End, sizeof End)) != + NULL) { if ((Game = fopen(HistoryFname, "r")) == NULL) { pprintf(p, "History game %d not available for %s.\n", from, |