From b66b6d954ba6434e113fe6263682ae476252c41d Mon Sep 17 00:00:00 2001 From: Markus Uhlin Date: Sun, 4 Aug 2024 00:59:24 +0200 Subject: Fixed possible buffer overflows --- FICS/playerdb.c | 14 +++++++++----- 1 file changed, 9 insertions(+), 5 deletions(-) (limited to 'FICS/playerdb.c') diff --git a/FICS/playerdb.c b/FICS/playerdb.c index 876aa85..79067ae 100644 --- a/FICS/playerdb.c +++ b/FICS/playerdb.c @@ -583,24 +583,28 @@ ReadV1PlayerFmt(int p, player *pp, FILE *fp, char *file, int version) } } + _Static_assert(1023 < ARRAY_SIZE(tmp2), "Array too small"); + +#define SCAN_STR "%1023s" + while (size_cens--) { - fscanf(fp, "%s", tmp2); + fscanf(fp, SCAN_STR, tmp2); list_add(p, L_CENSOR, tmp2); } while (size_not--) { - fscanf(fp, "%s", tmp2); + fscanf(fp, SCAN_STR, tmp2); list_add(p, L_NOTIFY, tmp2); } while (size_noplay--) { - fscanf(fp, "%s", tmp2); + fscanf(fp, SCAN_STR, tmp2); list_add(p, L_NOPLAY, tmp2); } while (size_gnot--) { - fscanf(fp, "%s", tmp2); + fscanf(fp, SCAN_STR, tmp2); list_add(p, L_GNOTIFY, tmp2); } while (size_chan--) { - fscanf(fp, "%s", tmp2); + fscanf(fp, SCAN_STR, tmp2); list_add(p, L_CHANNEL, tmp2); } } -- cgit v1.2.3