From 2e32b0231e62eb1ffde08fdc7d70defc5d2d9427 Mon Sep 17 00:00:00 2001 From: Markus Uhlin Date: Sat, 14 Mar 2026 15:49:43 +0100 Subject: player_search: handle snprintf() truncation --- FICS/playerdb.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) (limited to 'FICS/playerdb.c') diff --git a/FICS/playerdb.c b/FICS/playerdb.c index 2ef68ea..dd80dc7 100644 --- a/FICS/playerdb.c +++ b/FICS/playerdb.c @@ -3057,6 +3057,7 @@ player_search(int p, char *name) char *buffer[1000] = { NULL }; char pdir[MAX_FILENAME_SIZE] = { '\0' }; int p1, count; + int ret; // Exact match with connected player? if ((p1 = player_find_bylogin(name)) >= 0) { @@ -3066,7 +3067,13 @@ player_search(int p, char *name) } // Exact match with registered player? - snprintf(pdir, sizeof pdir, "%s/%c", player_dir, name[0]); + ret = snprintf(pdir, sizeof pdir, "%s/%c", player_dir, name[0]); + + if (is_too_long(ret, sizeof pdir)) { + warnx("%s: player dir too long", __func__); + return 0; + } + count = search_directory(pdir, name, buffer, ARRAY_SIZE(buffer)); if (count > 0 && !strcmp(name, *buffer)) -- cgit v1.2.3