diff options
| author |   dholland <dholland@NetBSD.org> | 2007-12-27 23:52:59 +0000 |
|---|---|---|
| committer | dholland <dholland@NetBSD.org> | 2007-12-27 23:52:59 +0000 |
| commit | 1c987590202c8ca8dec65a88afd1d73328d55b39 (patch) | |
| tree | 4b66e49e6975dce09a7ef0d62daa823e8bdabbf5 /rogue/room.c | |
| parent | 7bdfc68392299315f4249ce06cfac7b13fb0514a (diff) | |
| download | bsdgames-darwin-1c987590202c8ca8dec65a88afd1d73328d55b39.tar.gz bsdgames-darwin-1c987590202c8ca8dec65a88afd1d73328d55b39.tar.zst bsdgames-darwin-1c987590202c8ca8dec65a88afd1d73328d55b39.zip | |
Comprehensive (or at least extensive) string handling cleanup for rogue.
This patch dates (mostly) back to 2002; the critical parts of it were
handled back then by security-officer. As far as I know, there's
nothing exploitable fixed herein.
A slightly earlier version of this patch was reviewed by Christian Biere
when I filed it as PR 34750.
Diffstat (limited to 'rogue/room.c')
| -rw-r--r-- | rogue/room.c | 21 |
1 files changed, 13 insertions, 8 deletions
diff --git a/rogue/room.c b/rogue/room.c index 3ea1dd4a..f81106bd 100644 --- a/rogue/room.c +++ b/rogue/room.c @@ -1,4 +1,4 @@ -/* $NetBSD: room.c,v 1.9 2006/04/02 00:13:29 christos Exp $ */ +/* $NetBSD: room.c,v 1.10 2007/12/27 23:53:01 dholland Exp $ */ /* * Copyright (c) 1988, 1993 @@ -37,7 +37,7 @@ #if 0 static char sccsid[] = "@(#)room.c 8.1 (Berkeley) 5/31/93"; #else -__RCSID("$NetBSD: room.c,v 1.9 2006/04/02 00:13:29 christos Exp $"); +__RCSID("$NetBSD: room.c,v 1.10 2007/12/27 23:53:01 dholland Exp $"); #endif #endif /* not lint */ @@ -60,7 +60,7 @@ boolean rooms_visited[MAXROOMS]; #define NOPTS 7 -struct option { +const struct option { const char *prompt; boolean is_bool; char **strval; @@ -84,15 +84,15 @@ struct option { }, { "Name (\"name\"): ", - 0, &nick_name + 0, &nick_name, (boolean *) 0 }, { "Fruit (\"fruit\"): ", - 0, &fruit + 0, &fruit, (boolean *) 0 }, { "Save file (\"file\"): ", - 0, &save_file + 0, &save_file, (boolean *) 0 } }; @@ -602,6 +602,11 @@ CH: ch = rgetchar(); } while ((ch != '\012') && (ch != '\015') && (ch != '\033')); if (j != 0) { + /* + * We rely on the option string being + * allocated to hold MAX_OPT_LEN+2 + * bytes. This is arranged in init.c. + */ (void) strcpy(*(options[i].strval), buf); } opt_show(i); @@ -626,7 +631,7 @@ opt_show(i) int i; { const char *s; - struct option *opt = &options[i]; + const struct option *opt = &options[i]; opt_erase(i); @@ -642,7 +647,7 @@ void opt_erase(i) int i; { - struct option *opt = &options[i]; + const struct option *opt = &options[i]; mvaddstr(i, 0, opt->prompt); clrtoeol(); |