From 618aa941b7b10ee1ea0fb8e55de1dc90f45efaa7 Mon Sep 17 00:00:00 2001
From: Mark Olsen <isthisinuse@users.sourceforge.net>
Date: Fri, 21 Apr 2006 16:25:25 +0000
Subject: [PATCH] Fixed 2 remotely exploitable buffer overflow bugs.

git-svn-id: https://svn.code.sf.net/p/fteqw/code/trunk@2229 fc73d0e0-1445-4013-8a0c-d673dee63da5
---
 engine/client/snd_dma.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/engine/client/snd_dma.c b/engine/client/snd_dma.c
index c2de01b28..cf3b99441 100644
--- a/engine/client/snd_dma.c
+++ b/engine/client/snd_dma.c
@@ -1368,11 +1368,11 @@ void S_Play(void)
 	{
 		if (!Q_strrchr(Cmd_Argv(i), '.'))
 		{
-			Q_strcpy(name, Cmd_Argv(i));
+			Q_strncpy(name, Cmd_Argv(i), sizeof(name)-4);
 			Q_strcat(name, ".wav");
 		}
 		else
-			Q_strcpy(name, Cmd_Argv(i));
+			Q_strncpy(name, Cmd_Argv(i), sizeof(name));
 		sfx = S_PrecacheSound(name);
 		S_StartSound(cl.playernum[0]+1, -1, sfx, vec3_origin, 1.0, 0.0);
 //		hash++;
@@ -1393,11 +1393,11 @@ void S_PlayVol(void)
 	{
 		if (!Q_strrchr(Cmd_Argv(i), '.'))
 		{
-			Q_strcpy(name, Cmd_Argv(i));
+			Q_strncpy(name, Cmd_Argv(i), sizeof(name)-4);
 			Q_strcat(name, ".wav");
 		}
 		else
-			Q_strcpy(name, Cmd_Argv(i));
+			Q_strncpy(name, Cmd_Argv(i), sizeof(name));
 		sfx = S_PrecacheSound(name);
 		vol = Q_atof(Cmd_Argv(i+1));
 		S_StartSound(cl.playernum[0]+1, -1, sfx, vec3_origin, vol, 0.0);