diff options
| author | Magnus Auvinen <magnus.auvinen@gmail.com> | 2008-02-11 21:49:26 +0000 |
|---|---|---|
| committer | Magnus Auvinen <magnus.auvinen@gmail.com> | 2008-02-11 21:49:26 +0000 |
| commit | 79dfdb3cd71a44ec3cd8e1dab15263837381cbbf (patch) | |
| tree | fe7ce8c125d74f74ecaea895f679cfe251fac784 /src/game/server | |
| parent | 57b2da779f242da46ec2ac3f994cf536af7a03e4 (diff) | |
| download | zcatch-79dfdb3cd71a44ec3cd8e1dab15263837381cbbf.tar.gz zcatch-79dfdb3cd71a44ec3cd8e1dab15263837381cbbf.zip | |
security audit: first batch of fixes. replaced sprintf, strcpy with more secure versions
Diffstat (limited to 'src/game/server')
| -rw-r--r-- | src/game/server/gs_game.cpp | 3 | ||||
| -rw-r--r-- | src/game/server/gs_server.cpp | 10 |
2 files changed, 7 insertions, 6 deletions
diff --git a/src/game/server/gs_game.cpp b/src/game/server/gs_game.cpp index 9a9c233e..a1b5fd7b 100644 --- a/src/game/server/gs_game.cpp +++ b/src/game/server/gs_game.cpp @@ -115,6 +115,7 @@ void gameobject::cyclemap() { if(!strlen(config.sv_maprotation)) return; + // handle maprotation char buf[512]; const char *s = strstr(config.sv_maprotation, config.sv_map); @@ -145,7 +146,7 @@ void gameobject::cyclemap() i++; dbg_msg("game", "rotating map to %s", &buf[i]); - strcpy(config.sv_map, &buf[i]); + str_copy(config.sv_map, &buf[i], sizeof(config.sv_map)); } void gameobject::post_reset() diff --git a/src/game/server/gs_server.cpp b/src/game/server/gs_server.cpp index 53ad4c2b..656609a6 100644 --- a/src/game/server/gs_server.cpp +++ b/src/game/server/gs_server.cpp @@ -663,7 +663,7 @@ void player::set_team(int new_team) return; char buf[512]; - sprintf(buf, "%s joined the %s", server_clientname(client_id), get_team_name(new_team)); + str_format(buf, sizeof(buf), "%s joined the %s", server_clientname(client_id), get_team_name(new_team)); send_chat(-1, -1, buf); team = new_team; @@ -2108,7 +2108,7 @@ void mods_client_enter(int client_id) char buf[512]; - sprintf(buf, "%s entered and joined the %s", server_clientname(client_id), get_team_name(players[client_id].team)); + str_format(buf, sizeof(buf), "%s entered and joined the %s", server_clientname(client_id), get_team_name(players[client_id].team)); send_chat(-1, -1, buf); dbg_msg("game", "team_join player='%d:%s' team=%d", client_id, server_clientname(client_id), players[client_id].team); @@ -2138,7 +2138,7 @@ void mods_connected(int client_id) void mods_client_drop(int client_id) { char buf[512]; - sprintf(buf, "%s has left the game", server_clientname(client_id)); + str_format(buf, sizeof(buf), "%s has left the game", server_clientname(client_id)); send_chat(-1, -1, buf); dbg_msg("game", "leave player='%d:%s'", client_id, server_clientname(client_id)); @@ -2196,12 +2196,12 @@ void mods_message(int msg, int client_id) if(msg == MSG_CHANGEINFO && strcmp(name, server_clientname(client_id)) != 0) { char msg[256]; - sprintf(msg, "*** %s changed name to %s", server_clientname(client_id), name); + str_format(msg, sizeof(msg), "*** %s changed name to %s", server_clientname(client_id), name); send_chat(-1, -1, msg); } //send_set_name(client_id, players[client_id].name, name); - strncpy(players[client_id].skin_name, skin_name, 64); + str_copy(players[client_id].skin_name, skin_name, sizeof(players[client_id].skin_name)); server_setclientname(client_id, name); gameobj->on_player_info_change(&players[client_id]); |