Crossfire Mailing List Archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Bug in 88.5
- To: crossfire (at) ifi.uio.no
- Subject: Bug in 88.5
- From: "Eric A. Anderson" <>
- Date: Tue, 16 Feb 1993 16:57:59 -0500 (EST)
I finally got around to trying to upgrade to 88.5, There's a mistake
in the server stuff that could let crossfire overwrite random
sections of memory
Here's a patch:
*** main.c.orig Tue Feb 16 16:53:12 1993
--- main.c Tue Feb 16 16:53:48 1993
***************
*** 1278,1291 ****
}
if (pollret>0) {
int readct;
! char buf[30];
/* Have input */
! readct = read(inputfd,buf,30);
if (readct==0) {
fprintf(stderr,"Bletchdie\n");
exit(-1);
}
! if (readct>20) {
fprintf(stderr,"Error, Protocol Violation, input too long");
exit(-1);
}
--- 1275,1288 ----
}
if (pollret>0) {
int readct;
! char buf[50];
/* Have input */
! readct = read(inputfd,buf,40);
if (readct==0) {
fprintf(stderr,"Bletchdie\n");
exit(-1);
}
! if (readct>39) {
fprintf(stderr,"Error, Protocol Violation, input too long");
exit(-1);
}
-Eric
*********************************************************
"It seemed like a good idea at the time"
-The Mad Hatter
"Yes, you're very smart. Shut up."
-In "The Princess Bride"
*********************************************************