From 1c987590202c8ca8dec65a88afd1d73328d55b39 Mon Sep 17 00:00:00 2001 From: dholland Date: Thu, 27 Dec 2007 23:52:59 +0000 Subject: Comprehensive (or at least extensive) string handling cleanup for rogue. This patch dates (mostly) back to 2002; the critical parts of it were handled back then by security-officer. As far as I know, there's nothing exploitable fixed herein. A slightly earlier version of this patch was reviewed by Christian Biere when I filed it as PR 34750. --- rogue/use.c | 123 +++++++++++++++++++++++++++--------------------------------- 1 file changed, 56 insertions(+), 67 deletions(-) (limited to 'rogue/use.c') diff --git a/rogue/use.c b/rogue/use.c index 2e74fcea..904680b2 100644 --- a/rogue/use.c +++ b/rogue/use.c @@ -1,4 +1,4 @@ -/* $NetBSD: use.c,v 1.6 2003/08/07 09:37:40 agc Exp $ */ +/* $NetBSD: use.c,v 1.7 2007/12/27 23:53:01 dholland Exp $ */ /* * Copyright (c) 1988, 1993 @@ -37,7 +37,7 @@ #if 0 static char sccsid[] = "@(#)use.c 8.1 (Berkeley) 5/31/93"; #else -__RCSID("$NetBSD: use.c,v 1.6 2003/08/07 09:37:40 agc Exp $"); +__RCSID("$NetBSD: use.c,v 1.7 2007/12/27 23:53:01 dholland Exp $"); #endif #endif /* not lint */ @@ -70,7 +70,6 @@ void quaff() { short ch; - char buf[80]; object *obj; ch = pack_letter("quaff what?", POTION); @@ -79,17 +78,16 @@ quaff() return; } if (!(obj = get_letter_object(ch))) { - message("no such item.", 0); + messagef(0, "no such item."); return; } if (obj->what_is != POTION) { - message("you can't drink that", 0); + messagef(0, "you can't drink that"); return; } switch(obj->which_kind) { case INCREASE_STRENGTH: - message("you feel stronger now, what bulging muscles!", - 0); + messagef(0, "you feel stronger now, what bulging muscles!"); rogue.str_current++; if (rogue.str_current > rogue.str_max) { rogue.str_max = rogue.str_current; 
@@ -97,14 +95,14 @@ quaff() break; case RESTORE_STRENGTH: rogue.str_current = rogue.str_max; - message("this tastes great, you feel warm all over", 0); + messagef(0, "this tastes great, you feel warm all over"); break; case HEALING: - message("you begin to feel better", 0); + messagef(0, "you begin to feel better"); potion_heal(0); break; case EXTRA_HEALING: - message("you begin to feel much better", 0); + messagef(0, "you begin to feel much better"); potion_heal(1); break; case POISON: @@ -114,27 +112,27 @@ quaff() rogue.str_current = 1; } } - message("you feel very sick now", 0); + messagef(0, "you feel very sick now"); if (halluc) { unhallucinate(); } break; case RAISE_LEVEL: rogue.exp_points = level_points[rogue.exp - 1]; - message("you suddenly feel much more skillful", 0); + messagef(0, "you suddenly feel much more skillful"); add_exp(1, 1); break; case BLINDNESS: go_blind(); break; case HALLUCINATION: - message("oh wow, everything seems so cosmic", 0); + messagef(0, "oh wow, everything seems so cosmic"); halluc += get_rand(500, 800); break; case DETECT_MONSTER: show_monsters(); if (!(level_monsters.next_monster)) { - message(strange_feeling, 0); + messagef(0, "%s", strange_feeling); } break; case DETECT_OBJECTS: 
@@ -143,29 +141,29 @@ quaff() show_objects(); } } else { - message(strange_feeling, 0); + messagef(0, "%s", strange_feeling); } break; case CONFUSION: - message((halluc ? "what a trippy feeling" : - "you feel confused"), 0); + messagef(0, (halluc ? "what a trippy feeling" : + "you feel confused")); cnfs(); break; case LEVITATION: - message("you start to float in the air", 0); + messagef(0, "you start to float in the air"); levitate += get_rand(15, 30); being_held = bear_trap = 0; break; case HASTE_SELF: - message("you feel yourself moving much faster", 0); + messagef(0, "you feel yourself moving much faster"); haste_self += get_rand(11, 21); if (!(haste_self % 2)) { haste_self++; } break; case SEE_INVISIBLE: - sprintf(buf, "hmm, this potion tastes like %sjuice", fruit); - message(buf, 0); + messagef(0, "hmm, this potion tastes like %sjuice", + fruit); if (blind) { unblind(); } @@ -185,7 +183,6 @@ read_scroll() { short ch; object *obj; - char msg[DCOLS]; ch = pack_letter("read what?", SCROL); @@ -193,17 +190,16 @@ read_scroll() return; } if (!(obj = get_letter_object(ch))) { - message("no such item.", 0); + messagef(0, "no such item."); return; } if (obj->what_is != SCROL) { - message("you can't read that", 0); + messagef(0, "you can't read that"); return; } switch(obj->which_kind) { case SCARE_MONSTER: - message("you hear a maniacal laughter in the distance", - 0); + messagef(0, "you hear a maniacal laughter in the distance"); break; case HOLD_MONSTER: hold_monster(); @@ -211,11 +207,10 @@ read_scroll() case ENCH_WEAPON: if (rogue.weapon) { if (rogue.weapon->what_is == WEAPON) { - sprintf(msg, "your %sglow%s %sfor a moment", - name_of(rogue.weapon), - ((rogue.weapon->quantity <= 1) ? "s" : ""), - get_ench_color()); - message(msg, 0); + messagef(0, "your %sglow%s %sfor a moment", + name_of(rogue.weapon), + ((rogue.weapon->quantity <= 1) ? "s" : ""), + get_ench_color()); if (coin_toss()) { rogue.weapon->hit_enchant++; } else { 
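Review bot: Whether the SEE_INVISIBLE message is now overflow-free depends entirely on messagef(), which is defined outside this file: `messagef(0, "hmm, this potion tastes like %sjuice", fruit)` no longer writes into the removed `char buf[80]`, so the bound has moved rather than disappeared. Please confirm that messagef() formats with `vsnprintf` into a fixed-size buffer and handles truncation, and that its prototype carries a printf format attribute (for example `__printflike(2, 3)`) so these call sites are type-checked. The `/* gcc objects to just "" */` remark later in the patch suggests the attribute is present, but that is an inference from this file alone. The same dependency applies to the ENCH_WEAPON, ENCH_ARMOR and CON_MON calls in read_scroll(), to `my, that was a yummy %s` in eat(), and to unconfuse(). quaff() begins and ends outside this hunk.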
@@ -224,23 +219,22 @@ read_scroll() } rogue.weapon->is_cursed = 0; } else { - message("your hands tingle", 0); + messagef(0, "your hands tingle"); } break; case ENCH_ARMOR: if (rogue.armor) { - sprintf(msg, "your armor glows %sfor a moment", - get_ench_color()); - message(msg, 0); + messagef(0, "your armor glows %sfor a moment", + get_ench_color()); rogue.armor->d_enchant++; rogue.armor->is_cursed = 0; print_stats(STAT_ARMOR); } else { - message("your skin crawls", 0); + messagef(0, "your skin crawls"); } break; case IDENTIFY: - message("this is a scroll of identify", 0); + messagef(0, "this is a scroll of identify"); obj->identified = 1; id_scrolls[obj->which_kind].id_status = IDENTIFIED; idntfy(); @@ -249,22 +243,22 @@ read_scroll() tele(); break; case SLEEP: - message("you fall asleep", 0); + messagef(0, "you fall asleep"); take_a_nap(); break; case PROTECT_ARMOR: if (rogue.armor) { - message( "your armor is covered by a shimmering gold shield",0); + messagef(0, "your armor is covered by a shimmering gold shield"); rogue.armor->is_protected = 1; rogue.armor->is_cursed = 0; } else { - message("your acne seems to have disappeared", 0); + messagef(0, "your acne seems to have disappeared"); } break; case REMOVE_CURSE: - message((!halluc) ? + messagef(0, (!halluc) ? "you feel as though someone is watching over you" : - "you feel in touch with the universal oneness", 0); + "you feel in touch with the universal oneness"); uncurse_all(); break; case CREATE_MONSTER: @@ -274,13 +268,13 @@ read_scroll() aggravate(); break; case MAGIC_MAPPING: - message("this scroll seems to have a map on it", 0); + messagef(0, "this scroll seems to have a map on it"); draw_magic_map(); break; case CON_MON: con_mon = 1; - sprintf(msg, "your hands glow %sfor a moment", get_ench_color()); - message(msg, 0); + messagef(0, "your hands glow %sfor a moment", + get_ench_color()); break; } if (id_scrolls[obj->which_kind].id_status != CALLED) { 
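Review bot: In the REMOVE_CURSE case the format argument of messagef() is a conditional expression rather than a string literal, unlike the `messagef(0, "%s", strange_feeling)` form this patch uses elsewhere for text that is data. Both branches are literals with no conversion specifiers, so nothing is wrong today, but a literal format at every call site is easier to audit and stays safe if a branch is later edited: `messagef(0, "%s", (!halluc) ? "you feel as though someone is watching over you" : "you feel in touch with the universal oneness");`. The CONFUSION case in quaff() is written the same way. read_scroll() starts and ends outside this hunk.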
@@ -378,8 +372,8 @@ AGAIN: return; } if (!(obj = get_letter_object(ch))) { - message("no such item, try again", 0); - message("", 0); + messagef(0, "no such item, try again"); + messagef(0, "%s", ""); /* gcc objects to just "" */ check_message(); goto AGAIN; } @@ -388,8 +382,8 @@ AGAIN: id_table = get_id_table(obj); id_table[obj->which_kind].id_status = IDENTIFIED; } - get_desc(obj, desc); - message(desc, 0); + get_desc(obj, desc, sizeof(desc)); + messagef(0, "%s", desc); } void @@ -398,7 +392,6 @@ eat() short ch; short moves; object *obj; - char buf[70]; ch = pack_letter("eat what?", FOOD); @@ -406,24 +399,23 @@ eat() return; } if (!(obj = get_letter_object(ch))) { - message("no such item.", 0); + messagef(0, "no such item."); return; } if (obj->what_is != FOOD) { - message("you can't eat that", 0); + messagef(0, "you can't eat that"); return; } if ((obj->which_kind == FRUIT) || rand_percent(60)) { moves = get_rand(950, 1150); if (obj->which_kind == RATION) { - message("yum, that tasted good", 0); + messagef(0, "yum, that tasted good"); } else { - sprintf(buf, "my, that was a yummy %s", fruit); - message(buf, 0); + messagef(0, "my, that was a yummy %s", fruit); } } else { moves = get_rand(750, 950); - message("yuk, that food tasted awful", 0); + messagef(0, "yuk, that food tasted awful"); add_exp(2, 1); } rogue.moves_left /= 3; @@ -459,11 +451,11 @@ hold_monster() } } if (mcount == 0) { - message("you feel a strange sense of loss", 0); + messagef(0, "you feel a strange sense of loss"); } else if (mcount == 1) { - message("the monster freezes", 0); + messagef(0, "the monster freezes"); } else { - message("the monsters around you freeze", 0); + messagef(0, "the monsters around you freeze"); } } 
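Review bot: `get_desc(obj, desc, sizeof(desc))` passes the right bound only if `desc` is an array declared in this function; its declaration is outside the hunk, and if it were a pointer or a parameter, `sizeof(desc)` would be the pointer size instead. Please confirm the declaration, and consider a short comment at the call such as `/* desc is a local array, so sizeof is its full capacity */`. get_desc()'s new signature is not part of this file's diff, so its header comment should state whether the third argument is the buffer size in bytes including the terminator. The enclosing function starts before this hunk.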
@@ -515,14 +507,14 @@ unhallucinate() { halluc = 0; relight(); - message("everything looks SO boring now", 1); + messagef(1, "everything looks SO boring now"); } void unblind() { blind = 0; - message("the veil of darkness lifts", 1); + messagef(1, "the veil of darkness lifts"); relight(); if (halluc) { hallucinate(); @@ -555,7 +547,7 @@ take_a_nap() mv_mons(); } md_sleep(1); - message(you_can_move_again, 0); + messagef(0, "%s", you_can_move_again); } void @@ -564,7 +556,7 @@ go_blind() short i, j; if (!blind) { - message("a cloak of darkness falls around you", 0); + messagef(0, "a cloak of darkness falls around you"); } blind += get_rand(500, 800); @@ -610,11 +602,8 @@ cnfs() void unconfuse() { - char msg[80]; - confused = 0; - sprintf(msg, "you feel less %s now", (halluc ? "trippy" : "confused")); - message(msg, 1); + messagef(1, "you feel less %s now", (halluc ? "trippy" : "confused")); } void -- cgit v1.2.3-56-ge451