Attachment 139487 Details for Bug 125902 – Add bounds checking to fscanf() format strings

[patch] Add bounds checking to fscanf() format strings

nethack-3.4.3-topten-scanf-fix.patch (text/plain), 1.36 KB, created by Andrew Church on 2007-12-28 08:34:31 UTC

(hide)

Description:

Filename:

MIME Type:

Creator: Andrew Church

Created: 2007-12-28 08:34:31 UTC

Size: 1.36 KB

patch

obsolete

>--- ../nethack-3.4.3-orig/src/topten.c	2003-12-08 08:39:13 +0900
>+++ src/topten.c	2007-12-28 17:29:15 +0900
>@@ -30,6 +30,7 @@
> 
> #define newttentry() (struct toptenentry *) alloc(sizeof(struct toptenentry))
> #define dealloc_ttentry(ttent) free((genericptr_t) (ttent))
>+/* IMPORTANT: if you change any of these, update the scanf() strings below */
> #define NAMSZ	10
> #define DTHSZ	100
> #define ROLESZ   3
>@@ -129,12 +130,16 @@
> {
> #ifdef NO_SCAN_BRACK /* Version_ Pts DgnLevs_ Hp___ Died__Born id */
> 	static const char fmt[] = "%d %d %d %ld %d %d %d %d %d %d %ld %ld %d%*c";
>-	static const char fmt32[] = "%c%c %s %s%*c";
>-	static const char fmt33[] = "%s %s %s %s %s %s%*c";
>+	/* NOTE: "3" in "%3s" here MUST be equal to ROLESZ */
>+	static const char fmt32[] = "%c%c %3s %3s%*c";
>+	/* NOTE: in order, ROLESZ ROLESZ ROLESZ ROLESZ NAMSZ DTHSZ */
>+	static const char fmt33[] = "%3s %3s %3s %3s %10s %100s%*c";
> #else
> 	static const char fmt[] = "%d.%d.%d %ld %d %d %d %d %d %d %ld %ld %d ";
>-	static const char fmt32[] = "%c%c %[^,],%[^\n]%*c";
>-	static const char fmt33[] = "%s %s %s %s %[^,],%[^\n]%*c";
>+	/* NOTE: "3" in "%3[...]" here MUST be equal to ROLESZ */
>+	static const char fmt32[] = "%c%c %3[^,],%3[^\n]%*c";
>+	/* NOTE: in order, ROLESZ ROLESZ ROLESZ ROLESZ NAMSZ DTHSZ */
>+	static const char fmt33[] = "%3s %3s %3s %3s %10[^,],%100[^\n]%*c";
> #endif
> 
> #ifdef UPDATE_RECORD_IN_PLACE

Actions: View | Diff

Attachments on bug 125902: 139487 | 139490 | 139499 | 146573