kyonshi/tbamud
1
0
Fork 0
mirror of https://github.com/tbamud/tbamud.git synced 2026-04-30 04:41:51 +02:00
Code Issues Packages Projects Releases Wiki Activity

Fix unbounded strcpy of password from player file (use strncpy with MAX_PWD_LENGTH)

Browse Source 
Agent-Logs-Url: https://github.com/tbamud/tbamud/sessions/28ad1d51-d776-4038-a489-db00dc08e5ff

Co-authored-by: welcor <357770+welcor@users.noreply.github.com>
This commit is contained in:
copilot-swe-agent[bot]
2026-04-24 10:21:06 +00:00
committed by GitHub
parent fd81fadaed
commit bf9105aa4a
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
src/players.c
View File

@@ -405,7 +405,7 @@ int load_char(const char *name, struct char_data *ch)
case 'P': case 'P':
if (!strcmp(tag, "Page")) GET_PAGE_LENGTH(ch) = atoi(line); if (!strcmp(tag, "Page")) GET_PAGE_LENGTH(ch) = atoi(line);
else if (!strcmp(tag, "Pass")) strcpy(GET_PASSWD(ch), line); else if (!strcmp(tag, "Pass")) { strncpy(GET_PASSWD(ch), line, MAX_PWD_LENGTH); GET_PASSWD(ch)[MAX_PWD_LENGTH] = '\0'; }
else if (!strcmp(tag, "Plyd")) ch->player.time.played = atoi(line); else if (!strcmp(tag, "Plyd")) ch->player.time.played = atoi(line);
else if (!strcmp(tag, "PfIn")) POOFIN(ch) = strdup(line); else if (!strcmp(tag, "PfIn")) POOFIN(ch) = strdup(line);
else if (!strcmp(tag, "PfOt")) POOFOUT(ch) = strdup(line); else if (!strcmp(tag, "PfOt")) POOFOUT(ch) = strdup(line);