From 3809a8fdebc7087514443871f875d64c9e24e447 Mon Sep 17 00:00:00 2001 From: hubertf Date: Sat, 17 Jul 1999 19:57:03 +0000 Subject: The patch below improves the security of the game atc(6), by having it open the score file at the start and then drop all setgid privileges while keeping a (close-on-exec) file descriptor open to it. In order to allow this the static data files have to be made world readable. In addition a potential buffer overrun with corrupted score files is avoided by more careful use of scanf (note that SCORE_SCANF_FMT is defined alongside the definition of the relevant structure). Submitted in PR 8015 by Joseph Myers --- atc/struct.h | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) (limited to 'atc/struct.h') diff --git a/atc/struct.h b/atc/struct.h index 016f1d6c..35e302f5 100644 --- a/atc/struct.h +++ b/atc/struct.h @@ -1,4 +1,4 @@ -/* $NetBSD: struct.h,v 1.3 1995/03/21 15:04:31 cgd Exp $ */ +/* $NetBSD: struct.h,v 1.4 1999/07/17 19:57:03 hubertf Exp $ */ /*- * Copyright (c) 1990, 1993 @@ -107,6 +107,8 @@ typedef struct { int real_time; } SCORE; +#define SCORE_SCANF_FMT "%9s %255s %255s %d %d %d" + typedef struct displacement { int dx; int dy; -- cgit v1.2.3-56-ge451