granicus.if.org Git - nethack/commit

author	nethack.allison <nethack.allison>
	Sat, 10 May 2003 14:11:42 +0000 (14:11 +0000)
committer	nethack.allison <nethack.allison>
	Sat, 10 May 2003 14:11:42 +0000 (14:11 +0000)
commit	8f66986300b1d6fa1e08858c08d40418d87bf522
tree	123aa137528955d9bee8f408b21df61773259605	tree \| snapshot
parent	9746d9404e937a3908e175fd92c43a65123dee72	commit \| diff

Pat Rankin wrote:
> The `prompt' buffer in tty_yn_function still only holds QBUFSZ
> characters. But fixing the tty incarnation wouldn't be good enough;
> all the other interfaces would need to handle it too. I think it
> should be fixed in the core instead. Prompt strings simply should
> not be allowed to become so lengthy.

Another step in the fight against prompt sting buffer overflows.
The goes after the ones that may not have been found yet.

This makes yn_function a real core function and removes
the #define yn_function macro.

The yn_function validates the prompt string buffer being
passed prior to calling (*windowprocs.win_yn_function)(),
and if necessary, truncating it and adding "...".

This won't help if the overflow occurs in the core in
a buffer that is still QBUFSZ in size, but it will help if
a BUFSZ buffer is being passed to one of the query
functions.

include/extern.h		diff \| blob \| history
include/winprocs.h		diff \| blob \| history
src/cmd.c		diff \| blob \| history