summaryrefslogtreecommitdiffstats
path: root/games/golddig
diff options
context:
space:
mode:
authorjmz <jmz@FreeBSD.org>2004-12-02 10:55:58 +0000
committerjmz <jmz@FreeBSD.org>2004-12-02 10:55:58 +0000
commit9479e4412be80ee638828157126768cda6f38950 (patch)
treec7e0f1cd33fae2504965f34cced8059ecb9f1d62 /games/golddig
parent63f6e418143e33731520d6e7a4814b0efa69baa2 (diff)
downloadFreeBSD-ports-9479e4412be80ee638828157126768cda6f38950.zip
FreeBSD-ports-9479e4412be80ee638828157126768cda6f38950.tar.gz
Avoid buffer overflows.
Submitted by: Niels Heinen <niels.heinen@ubizen.com>
Diffstat (limited to 'games/golddig')
-rw-r--r--games/golddig/Makefile1
-rw-r--r--games/golddig/files/patch-aa29
2 files changed, 24 insertions, 6 deletions
diff --git a/games/golddig/Makefile b/games/golddig/Makefile
index 593a108..7abdea7 100644
--- a/games/golddig/Makefile
+++ b/games/golddig/Makefile
@@ -7,6 +7,7 @@
PORTNAME= golddig
PORTVERSION= 2.0
+PORTREVISION= 1
CATEGORIES= games
MASTER_SITES= ftp://qiclab.scn.rain.com/pub/games/
DISTNAME= golddig2
diff --git a/games/golddig/files/patch-aa b/games/golddig/files/patch-aa
index e644f51..ced0b8b 100644
--- a/games/golddig/files/patch-aa
+++ b/games/golddig/files/patch-aa
@@ -1,5 +1,5 @@
---- shared.c.orig Mon May 1 18:20:48 2000
-+++ shared.c Mon May 1 18:25:28 2000
+--- shared.c.orig Thu Dec 2 11:49:23 2004
++++ shared.c Thu Dec 2 11:52:16 2004
@@ -58,7 +58,7 @@
#include "bitmap/window.bits"
#include "bitmap/anti.bits"
@@ -9,18 +9,35 @@
/* All in and out movements except up */
#define NOUPBITS DLEAVE | LLEAVE | RLEAVE | HENTER | VENTER
-@@ -316,8 +316,12 @@
+@@ -312,21 +312,25 @@
+ FILE *levelfile;
+ register int i,j;
+ int x,y;
+- char buf[300];
++ char buf[1300];
/* Manufaction the file name by starting with the world name and */
/* appending the level number to it. */
- strcpy(filename,LIB);
- strcat(filename,"/");
+- strcat(filename,worldname);
+ if (strchr (worldname, '/'))
+ *filename = 0;
+ else {
-+ strcpy(filename,LIB);
-+ strcat(filename,"/");
++ strncpy(filename,LIB,sizeof(filename) - 3);
++ strncat(filename,"/",sizeof(filename) - 3);
+ }
- strcat(filename,worldname);
++ strncat(filename,worldname,sizeof(filename) - 3);
sprintf(filename + strlen(filename),"%03d",levelnum);
/* Open level file for reading */
+ levelfile = fopen(filename,"r");
+ /* If level file does not exist, use the default level file. */
+ if(levelfile == NULL) {
+ /* Build the default level name */
+- strcpy(buf,LIB);
+- strcat(buf,"/default");
++ strncpy(buf,LIB,sizeof(filename));
++ strncat(buf,"/default",sizeof(filename));
+ /* Open default level file for reading */
+ levelfile = fopen(buf,"r");
+ if(levelfile == NULL) {
OpenPOWER on IntegriCloud