Import Debian changes 2.5.2-2
lbreakout2 (2.5.2-2) unstable; urgency=high
* Apply backported security fixes for bad usage of s*printf/scanf.
Thanks to Moritz Muehlenhoff for spotting the problem in the upstream
changelog and for sifting through the diff to find the relevant fixes. (Closes: #310468)
Daniel Burrows authored 18 years ago
Andreas Tille committed 5 years ago
137 | 137 | if ( aux[0] != '>' ) break; |
138 | 138 | chart = calloc( 1, sizeof( Set_Chart ) ); |
139 | 139 | /* get name: >>>name */ |
140 | fscanf( file, ">>>%s\n", setname ); | |
140 | fscanf( file, ">>>%1023s\n", setname ); | |
141 | 141 | chart->name = strdup( setname ); |
142 | 142 | /* entries */ |
143 | 143 | chart_read_entries( file, file_name, chart ); |
233 | 233 | /* open file */ |
234 | 234 | file = fopen( file_name, "w" ); |
235 | 235 | if ( !file ) { |
236 | fprintf( stderr, "??? Highscore chart loaded properly but cannot save?\n" ); | |
236 | fprintf( stderr, "??? Highscore chart loaded properly but cannot save? (%s)\n",file_name ); | |
237 | 237 | return; |
238 | 238 | } |
239 | 239 | /* save all charts */ |
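Review bot: The `fscanf` on new line 140 still has its return value ignored, so when the `>>>name` conversion does not match, `setname` keeps whatever it held before and `strdup( setname )` copies that into the chart. Checking the result, for example `if ( fscanf( file, ">>>%1023s\n", setname ) != 1 ) break;`, would stop on a malformed highscore file; `chart` was already allocated on line 138 and would need freeing on that path. The `%1023s` width is only safe if `setname` holds at least 1024 bytes, and its declaration is outside the lines shown, so that should be confirmed. The enclosing function starts and ends outside this section.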
145 | 145 | |
146 | 146 | /* extract ip and port and build a new socket out of it */ |
147 | 147 | gui_edit_get_text( edit_server, server, 128, 0, -1 ); |
148 | snprintf( config.server, 64, server ); | |
148 | snprintf( config.server, 64, "%s", server ); | |
149 | 149 | if ( !net_build_addr( &newaddr, server, 0 ) ) { |
150 | 150 | client_printf_chatter( 1, "ERROR: address %s does not resolve", config.server ); |
151 | 151 | return; |
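Review bot: On new line 148 the copy into `config.server` is cut at 63 characters without any check, while `net_build_addr` on the next line resolves the full `server` text (read with a limit of 128). For a longer entry, the value kept in `config.server` and printed in the error message is not the address that was actually used. Comparing the result against the size, `if ( snprintf( config.server, 64, "%s", server ) >= 64 )`, and rejecting the input there would keep the two in step. The function body continues outside the lines shown.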
156 | 156 | /* users */ |
157 | 157 | case MSG_ADD_USER: |
158 | 158 | num = msg_read_int32(); |
159 | snprintf( name, 16, msg_read_string() ); name[15] = 0; | |
159 | snprintf( name, 16, "%s", msg_read_string() ); name[15] = 0; | |
160 | 160 | if ( msg_read_failed() ) break; |
161 | 161 | client_add_user( num, name ); |
162 | 162 | gui_list_update( |
222 | 222 | client_transmit( CODE_BLUE, msglen, msgbuf ); |
223 | 223 | break; |
224 | 224 | } |
225 | snprintf( mp_peer_name, 15, msg_read_string() ); | |
226 | snprintf( mp_levelset, 16, msg_read_string() ); | |
225 | snprintf( mp_peer_name, 15, "%s", msg_read_string() ); | |
226 | snprintf( mp_levelset, 16, "%s", msg_read_string() ); | |
227 | 227 | mp_diff = msg_read_int8(); |
228 | 228 | mp_rounds = msg_read_int8(); |
229 | 229 | mp_frags = msg_read_int8(); |
236 | 236 | break; |
237 | 237 | case MSG_ADD_USER: |
238 | 238 | i = msg_read_int32(); |
239 | snprintf( name, 16, msg_read_string() ); name[15] = 0; | |
239 | snprintf( name, 16, "%s", msg_read_string() ); name[15] = 0; | |
240 | 240 | if ( msg_read_failed() ) break; |
241 | 241 | client_add_user( i, name ); |
242 | 242 | handled = 1; |
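Review bot: In the `MSG_ADD_USER` case on new line 239 (and the same pattern on line 159 earlier on the page) the pointer from `msg_read_string()` is consumed by `%s` before `msg_read_failed()` is consulted. What `msg_read_string()` returns for a short or malformed packet is not visible here; if it can be NULL or point at unterminated data, the copy reads it before the failure check runs. Reading first and checking before the copy avoids that: `str = msg_read_string(); if ( msg_read_failed() ) break; snprintf( name, 16, "%s", str );`. The reads into `mp_peer_name` and `mp_levelset` on lines 225-226 have no failure check in the lines shown, and they use 15 and 16 as bounds, which looks unintended if both buffers are the same size. The trailing `name[15] = 0;` is redundant, since `snprintf` with a size of 16 always terminates.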
638 | 638 | strcpy( str, "" ); |
639 | 639 | if ( edit_buttons[x][y] == BUTTON_EDIT_AUTHOR ) |
640 | 640 | if ( enter_string( font, "Author's Name:", str, 24 ) ) { |
641 | snprintf( edit_cur_level->author, 31, str ); | |
641 | snprintf( edit_cur_level->author, 31, "%s", str ); | |
642 | 642 | *full_update = 1; |
643 | 643 | } |
644 | 644 | if ( edit_buttons[x][y] == BUTTON_EDIT_NAME ) |
645 | 645 | if ( enter_string( font, "Title:", str, 24 ) ) { |
646 | snprintf( edit_cur_level->name, 31, str ); | |
646 | snprintf( edit_cur_level->name, 31, "%s", str ); | |
647 | 647 | *full_update = 1; |
648 | 648 | } |
649 | 649 | /* sel frame tile position */ |
0 | lbreakout2 (2.5.2-2) unstable; urgency=high | |
1 | ||
2 | * Apply backported security fixes for bad usage of s*printf/scanf. | |
3 | Thanks to Moritz Muehlenhoff for spotting the problem in the upstream | |
4 | changelog and for sifting through the diff to find the relevant fixes. (Closes: #310468) | |
5 | ||
6 | -- Daniel Burrows <dburrows@debian.org> Tue, 24 May 2005 18:52:21 -0700 | |
7 | ||
0 | 8 | lbreakout2 (2.5.2-1) unstable; urgency=low |
1 | 9 | |
2 | 10 | * New upstream release |
493 | 493 | { |
494 | 494 | char *ptr = msg + *pos; |
495 | 495 | |
496 | snprintf( ptr, 16, level->name ); ptr[15] = 0; ptr += 16; | |
497 | snprintf( ptr, 16, level->author); ptr[15] = 0; ptr += 16; | |
496 | snprintf( ptr, 16, "%s", level->name ); ptr[15] = 0; ptr += 16; | |
497 | snprintf( ptr, 16, "%s", level->author); ptr[15] = 0; ptr += 16; | |
498 | 498 | memcpy( ptr, level->bricks, 252 ); ptr += 252; |
499 | 499 | memcpy( ptr, level->extras, 252 ); ptr += 252; |
500 | 500 | |
506 | 506 | { |
507 | 507 | char *ptr = msg + *pos; |
508 | 508 | |
509 | snprintf( level->name, 16, ptr ); ptr += 16; | |
510 | snprintf( level->author, 16, ptr ); ptr += 16; | |
509 | snprintf( level->name, 16, "%s", ptr ); ptr += 16; | |
510 | snprintf( level->author, 16, "%s", ptr ); ptr += 16; | |
511 | 511 | memcpy( level->bricks, ptr, 252 ); ptr += 252; |
512 | 512 | memcpy( level->extras, ptr, 252 ); ptr += 252; |
513 | 513 |
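Review bot: The unpack side on new lines 509-510 bounds the write but not the read: `%s` without a precision makes `snprintf` walk `ptr` to its terminating NUL to compute its return value, so a received 16-byte field with no NUL is read past its end and possibly past `msg`. A precision keeps the read inside the field: `snprintf( level->name, 16, "%.15s", ptr );` and likewise for `level->author`. On the pack side (lines 496-497) the bytes after the terminator inside each 16-byte slot are left as they were in `msg`; if that buffer is reused, zeroing the slot first (`memset( ptr, 0, 16 );`) avoids sending stale bytes. Both function bodies start and end outside the lines shown.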
73 | 73 | if ( fname[0] != '/' ) /* keep global pathes */ |
74 | 74 | snprintf( path, sizeof(path)-1, "%s/levels/%s", SRC_DIR, fname ); |
75 | 75 | else |
76 | snprintf( path, sizeof(path)-1, fname ); | |
76 | snprintf( path, sizeof(path)-1, "%s", fname ); | |
77 | 77 | |
78 | 78 | if ( ( file = fopen( path, mode ) ) == 0 ) { |
79 | 79 | fprintf( stderr, "couldn't open %s\n", path ); |
191 | 191 | |
192 | 192 | if ( levels->count == 0 ) return 0; |
193 | 193 | set = salloc( 1, sizeof( LevelSet ) ); |
194 | snprintf( set->name, 20, name ); | |
194 | snprintf( set->name, 20, "%s", name ); | |
195 | 195 | set->levels = salloc( levels->count, sizeof( Level* ) ); |
196 | 196 | set->count = levels->count; |
197 | 197 | set->version = version; |
343 | 343 | if ( !strequal( "Level:", buffer ) ) goto failure; |
344 | 344 | /* author */ |
345 | 345 | if ( !next_line( file, buffer ) ) goto failure; |
346 | snprintf( level->author, 31, buffer ); | |
346 | snprintf( level->author, 31, "%s", buffer ); | |
347 | 347 | /* level name */ |
348 | 348 | if ( !next_line( file, buffer ) ) goto failure; |
349 | snprintf( level->name, 31, buffer ); | |
349 | snprintf( level->name, 31, "%s", buffer ); | |
350 | 350 | /* bricks: */ |
351 | 351 | if ( !next_line( file, buffer ) ) goto failure; |
352 | 352 | if ( !strequal( "Bricks:", buffer ) ) goto failure; |
388 | 388 | { |
389 | 389 | int i, j; |
390 | 390 | Level *level = calloc( 1, sizeof( Level ) ); |
391 | snprintf( level->author, 31, author ); | |
392 | snprintf( level->name, 31, name ); | |
391 | snprintf( level->author, 31, "%s", author ); | |
392 | snprintf( level->name, 31, "%s", name ); | |
393 | 393 | /* empty arena */ |
394 | 394 | for ( i = 0; i < EDIT_WIDTH; i++ ) |
395 | 395 | for ( j = 0; j < EDIT_HEIGHT; j++ ) { |
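Review bot: On new line 76 (and line 74 above it) a path longer than the buffer is truncated silently and the shortened name then goes straight to `fopen`, so a different file than the one requested can be opened. `snprintf` returns the length it needed; comparing it with the size, `if ( snprintf( path, sizeof(path), "%s", fname ) >= (int)sizeof(path) )`, and failing there closes that gap, and the `-1` on the size is not needed because `snprintf` already reserves room for the terminator. Further down, `level` from `calloc` on line 390 is written through on new lines 391-392 without a NULL check. All of these functions extend beyond the lines shown.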
421 | 421 | { |
422 | 422 | if ( widget->type != GUI_EDIT ) return; |
423 | 423 | /* copy text */ |
424 | snprintf( widget->spec.edit.buffer, widget->spec.edit.size + 1, text ); | |
424 | snprintf( widget->spec.edit.buffer, widget->spec.edit.size + 1, "%s", text ); | |
425 | 425 | widget->spec.edit.length = strlen( widget->spec.edit.buffer ); |
426 | 426 | /* reset */ |
427 | 427 | /* first character in first line */ |
455 | 455 | if ( length > limit ) |
456 | 456 | length = limit; |
457 | 457 | if ( length ) |
458 | snprintf( buffer, limit, widget->spec.edit.buffer ); | |
458 | snprintf( buffer, limit, "%s", widget->spec.edit.buffer ); | |
459 | 459 | else |
460 | 460 | buffer[0] = 0; |
461 | 461 | return 1; |