1
0
Fork 0
forked from fte/fteqw

Use snprintf and a larger buffer for file size.

In practice it would likely never overflow, but if you happen to have an implausible large demo in folder it could.
This commit is contained in:
Daniel Svensson 2023-12-22 10:58:37 +01:00
parent 3672234c24
commit 317ca00298

View file

@ -2728,7 +2728,7 @@ I've removed the following from this function as it covered the menu (~Moodles):
else if (!strcmp(command, "guidemos")) else if (!strcmp(command, "guidemos"))
{ {
int maxshowndemos; int maxshowndemos;
char sizestr[7]; char sizestr[11];
int start; int start;
int i; int i;
@ -2776,13 +2776,13 @@ I've removed the following from this function as it covered the menu (~Moodles):
if (i >= cluster->availdemoscount) if (i >= cluster->availdemoscount)
break; break;
if (cluster->availdemos[i].size < 1024) if (cluster->availdemos[i].size < 1024)
sprintf(sizestr, "%4ib", cluster->availdemos[i].size); snprintf(sizestr, sizeof(sizestr), "%4ib", cluster->availdemos[i].size);
else if (cluster->availdemos[i].size < 1024*1024) else if (cluster->availdemos[i].size < 1024*1024)
sprintf(sizestr, "%4ikb", cluster->availdemos[i].size/1024); snprintf(sizestr, sizeof(sizestr), "%4ikb", cluster->availdemos[i].size/1024);
else if (cluster->availdemos[i].size < 1024*1024*1024) else if (cluster->availdemos[i].size < 1024*1024*1024)
sprintf(sizestr, "%4imb", cluster->availdemos[i].size/(1024*1024)); snprintf(sizestr, sizeof(sizestr), "%4imb", cluster->availdemos[i].size/(1024*1024));
else// if (cluster->availdemos[i].size < 1024*1024*1024*1024) else// if (cluster->availdemos[i].size < 1024*1024*1024*1024)
sprintf(sizestr, "%4igb", cluster->availdemos[i].size/(1024*1024*1024)); snprintf(sizestr, sizeof(sizestr), "%4igb", cluster->availdemos[i].size/(1024*1024*1024));
// else // else
// *sizestr = 0; // *sizestr = 0;
QW_StuffcmdToViewer(v, "menutext 32 %i \"%6s %-30s\" \"demo %s\"\n", (i-start)*8 + 52+16, sizestr, cluster->availdemos[i].name, cluster->availdemos[i].name); QW_StuffcmdToViewer(v, "menutext 32 %i \"%6s %-30s\" \"demo %s\"\n", (i-start)*8 + 52+16, sizestr, cluster->availdemos[i].name, cluster->availdemos[i].name);