Fix crash with long function names
This fixes a buffer overrun introduced by commit eba8474294c1c106dd6e4f62a73160798f16458d. The crash happens in do_call() when a function name was longer than the max. allowed (sNAMEMAX) because of the leading '.' (dot) inserted in command(). --------- test code -------- #include <a_samp> OverlyLongFunctionNameYouCantEvenBotherToRead() { print("hey"); } main() { OverlyLongFunctionNameYouCantEvenBotherToRead(); } ----- end of test code -----
This commit is contained in:
parent
7ee5e98e30
commit
b54729c03c
@ -395,14 +395,14 @@ static cell do_dump(FILE *fbin,char *params,cell opcode)
|
||||
|
||||
static cell do_call(FILE *fbin,char *params,cell opcode)
|
||||
{
|
||||
char name[sNAMEMAX+1];
|
||||
char name[sNAMEMAX+2]; /* +1 for a possible leading dot */
|
||||
int i;
|
||||
symbol *sym;
|
||||
ucell p;
|
||||
|
||||
for (i=0; !isspace(*params); i++,params++) {
|
||||
assert(*params!='\0');
|
||||
assert(i<sNAMEMAX);
|
||||
assert(i<sNAMEMAX+1);
|
||||
name[i]=*params;
|
||||
} /* for */
|
||||
name[i]='\0';
|
||||
|
Loading…
x
Reference in New Issue
Block a user