Crossfire Mailing List Archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Bug in 88.5



I finally got around to trying to upgrade to 88.5,  There's a mistake
in the server stuff that could let crossfire overwrite random
sections of memory
Here's a patch:
*** main.c.orig	Tue Feb 16 16:53:12 1993
--- main.c	Tue Feb 16 16:53:48 1993
***************
*** 1278,1291 ****
        }
        if (pollret>0) {
  	int readct;
! 	char buf[30];
  	/* Have input */
! 	readct = read(inputfd,buf,30);
  	if (readct==0) {
  	  fprintf(stderr,"Bletchdie\n");
  	  exit(-1);
  	}
! 	if (readct>20) {
  	  fprintf(stderr,"Error, Protocol Violation, input too long");
  	  exit(-1);
  	}
--- 1275,1288 ----
        }
        if (pollret>0) {
  	int readct;
! 	char buf[50];
  	/* Have input */
! 	readct = read(inputfd,buf,40);
  	if (readct==0) {
  	  fprintf(stderr,"Bletchdie\n");
  	  exit(-1);
  	}
! 	if (readct>39) {
  	  fprintf(stderr,"Error, Protocol Violation, input too long");
  	  exit(-1);
  	}
          -Eric 
*********************************************************
"It seemed like a good idea at the time"
           -The Mad Hatter
"Yes, you're very smart.  Shut up."
           -In "The Princess Bride"
*********************************************************