$NHDT-Branch: NetHack-3.6 $:$NHDT-Revision: 1.4 $ $NHDT-Date: 1576287569 2019/12/14 01:39:29 $
-This fixes36.4 file is here to capture information about updates in the 3.6.x
-lineage following the release of 3.6.3 in December 2019. Hypothetical version
-3.6.4 may not be released, in which case these fixes will appear in 3.7.0.
+fixes36.4 contains a terse summary of changes made to 3.6.3 in order to
+produce 3.6.4.
+
General Fixes and Modified Features
-----------------------------------
or removing such from container was inaccurate if there was some gold
pending; vary the message rather than add more convoluted pickup code
dozen-ish assorted spelling/typo fixes in messages and source comments
-flying hero could not use a hole deliberately with '>'
-
-
-Fixes to Post-3.6.3 Problems that Were Exposed Via git Repository
-------------------------------------------------------------------
+fix potential buffer overflow when parsing run-time configuration file
Platform- and/or Interface-Specific Fixes or Features
General New Features
--------------------
-
-
-NetHack Community Patches (or Variation) Included
--------------------------------------------------
-
-
-Code Cleanup and Reorganization
--------------------------------
+none
int len;
boolean retval = TRUE;
+ while (*origbuf == ' ' || *origbuf == '\t') /* skip leading whitespace */
+ ++origbuf; /* (caller probably already did this) */
+ (void) strncpy(buf, origbuf, sizeof buf - 1);
+ buf[sizeof buf - 1] = '\0'; /* strncpy not guaranteed to NUL terminate */
/* convert any tab to space, condense consecutive spaces into one,
remove leading and trailing spaces (exception: if there is nothing
but spaces, one of them will be kept even though it leads/trails) */
- mungspaces(strcpy(buf, origbuf));
+ mungspaces(buf);
/* find the '=' or ':' */
bufp = find_optparam(buf);
proc_wizkit_line(buf)
char *buf;
{
- struct obj *otmp = readobjnam(buf, (struct obj *) 0);
+ struct obj *otmp;
+
+ if (strlen(buf) >= BUFSZ)
+ buf[BUFSZ - 1] = '\0';
+ otmp = readobjnam(buf, (struct obj *) 0);
if (otmp) {
if (otmp != &zeroobj)
/* merge now read line with previous ones, if necessary */
if (!ignoreline) {
- len = (int) strlen(inbuf) + 1;
+ len = (int) strlen(ep) + 1; /* +1: final '\0' */
if (buf)
- len += (int) strlen(buf);
+ len += (int) strlen(buf) + 1; /* +1: space */
tmpbuf = (char *) alloc(len);
+ *tmpbuf = '\0';
if (buf) {
- Sprintf(tmpbuf, "%s %s", buf, inbuf);
+ Strcat(strcpy(tmpbuf, buf), " ");
free(buf);
- } else
- Strcpy(tmpbuf, inbuf);
- buf = tmpbuf;
+ }
+ buf = strcat(tmpbuf, ep);
+ buf[sizeof inbuf - 1] = '\0';
}
if (morelines || (ignoreline && !oldline))
continue;
- if (handle_config_section(ep)) {
+ if (handle_config_section(buf)) {
free(buf);
buf = (char *) 0;
continue;
}
bufp++;
if (config_section_chosen)
- free(config_section_chosen);
+ free(config_section_chosen), config_section_chosen = 0;
section = choose_random_part(bufp, ',');
- if (section)
+ if (section) {
config_section_chosen = dupstr(section);
- else {
+ } else {
config_error_add("No config section to choose");
rv = FALSE;
}
struct symparse *symp;
char *bufp, *commentp, *altp;
+ if (strlen(buf) >= BUFSZ)
+ buf[BUFSZ - 1] = '\0';
/* convert each instance of whitespace (tabs, consecutive spaces)
into a single space; leading and trailing spaces are stripped */
mungspaces(buf);