author | dholland <dholland@NetBSD.org> | 2009-06-28 18:59:37 +0000 |
---|---|---|
committer | dholland <dholland@NetBSD.org> | 2009-06-28 18:59:37 +0000 |
commit | abd51ca1e4ba6bfe4680ba226df6e884b087ae00 (patch) | |
tree | 8deda46f2a46c803f6718bacf60b4c2cd80e6600 /hunt | |
parent | 8e0bc1dda8fbdb3cb6a9635d807371519347a3ba (diff) | |
Fix possible remote DoS of a running hunt game, and prevent a possible
theoretical attack involving >= 1 billion ammo.
Diffstat (limited to 'hunt')
-rw-r--r-- | hunt/huntd/answer.c | 12 |
1 files changed, 9 insertions, 3 deletions
diff --git a/hunt/huntd/answer.c b/hunt/huntd/answer.c
index 91307b3b..b2577afc 100644
--- a/hunt/huntd/answer.c
+++ b/hunt/huntd/answer.c
@@ -1,4 +1,4 @@
-/* $NetBSD: answer.c,v 1.9 2008/01/28 03:23:29 dholland Exp $ */
+/* $NetBSD: answer.c,v 1.10 2009/06/28 18:59:37 dholland Exp $ */
 /*
 * Copyright (c) 1983-2003, Regents of the University of California.
 * All rights reserved.
@@ -32,7 +32,7 @@
 #include <sys/cdefs.h>
 #ifndef lint
-__RCSID("$NetBSD: answer.c,v 1.9 2008/01/28 03:23:29 dholland Exp $");
+__RCSID("$NetBSD: answer.c,v 1.10 2009/06/28 18:59:37 dholland Exp $");
 #endif /* not lint */
 # include <ctype.h>
@@ -102,6 +102,12 @@ answer()
 mode = ntohl(mode);
 /*
+ * Ensure null termination.
+ */
+ name[sizeof(name)-1] = '\0';
+ Ttyname[sizeof(Ttyname)-1] = '\0';
+
+ /*
 * Turn off blocking I/O, so a slow or dead terminal won't stop
 * the game. All subsequent reads check how many bytes they read.
 */
@@ -317,7 +323,7 @@ stplayer(newpp, enter_status)
 y = STAT_PLAY_ROW + 1 + (newpp - Player);
 for (pp = Player; pp < End_player; pp++) {
 if (pp != newpp) {
- char smallbuf[10];
+ char smallbuf[16];
 pp->p_ammo += NSHOTS;
 newpp->p_ammo += NSHOTS; |
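Review bot: Forcing the last byte of `name` and `Ttyname` to NUL in `answer()` bounds later string calls, but it does not cover a short read. The reads that fill both buffers sit above this hunk, and the wording of the following comment ("All subsequent reads check how many bytes they read") suggests the earlier ones may not check their counts. If so, a client that sends fewer bytes than expected leaves stale or uninitialized bytes ahead of the terminator; clearing the buffers before they are filled, e.g. `memset(name, 0, sizeof(name));`, or rejecting the connection on a short read would close that gap. The `sizeof` form also relies on both names being true arrays, and their declarations are outside the hunk, so that is worth confirming.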
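Review bot: `char smallbuf[16]` in `stplayer()` fixes the overflow by size alone, and nothing in the hunk ties 16 to what gets written into it. The call that formats into `smallbuf` is below the hunk, and `p_ammo` keeps growing by `NSHOTS` with no cap visible here. If that call is an unbounded `sprintf`, it should become `snprintf(smallbuf, sizeof(smallbuf), ...)` so the bound follows the declaration. A short comment on the declaration would also help, e.g. `/* holds a formatted int: sign, 10 digits, NUL */`, assuming `p_ammo` is a 32-bit int.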