fte/quakespasm
2
0
Fork 0
mirror of https://github.com/Shpoike/Quakespasm.git synced 2024-11-10 07:21:58 +00:00
Code Issues Projects Releases Packages Wiki Activity

pr_edict.c: use q_snprintf() in all ValueString procs.

Browse source 
Avoids risk of writing past end of buffer - e.g. 'edicts' command with
ad_blasphemy. See: https://github.com/sezero/quakespasm/issues/25
This commit is contained in:
Ozkan Sezer 2022-04-23 17:23:10 +03:00
parent 33085c5449
commit 1c970af021
1 changed files with 13 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

26
Quake/pr_edict.c
View file

@ -318,33 +318,33 @@ static const char *PR_ValueString (int type, eval_t *val)
switch (type)
{
case ev_string:
sprintf (line, "%s", PR_GetString(val->string));
q_snprintf (line, sizeof(line), "%s", PR_GetString(val->string));
break;
case ev_entity:
sprintf (line, "entity %i", NUM_FOR_EDICT(PROG_TO_EDICT(val->edict)) );
q_snprintf (line, sizeof(line), "entity %i", NUM_FOR_EDICT(PROG_TO_EDICT(val->edict)) );
break;
case ev_function:
f = pr_functions + val->function;
sprintf (line, "%s()", PR_GetString(f->s_name));
q_snprintf (line, sizeof(line), "%s()", PR_GetString(f->s_name));
break;
case ev_field:
def = ED_FieldAtOfs ( val->_int );
sprintf (line, ".%s", PR_GetString(def->s_name));
q_snprintf (line, sizeof(line), ".%s", PR_GetString(def->s_name));
break;
case ev_void:
sprintf (line, "void");
q_snprintf (line, sizeof(line), "void");
break;
case ev_float:
sprintf (line, "%5.1f", val->_float);
q_snprintf (line, sizeof(line), "%5.1f", val->_float);
break;
case ev_vector:
sprintf (line, "'%5.1f %5.1f %5.1f'", val->vector[0], val->vector[1], val->vector[2]);
q_snprintf (line, sizeof(line), "'%5.1f %5.1f %5.1f'", val->vector[0], val->vector[1], val->vector[2]);
break;
case ev_pointer:
sprintf (line, "pointer");
q_snprintf (line, sizeof(line), "pointer");
break;
default:
sprintf (line, "bad type %i", type);
q_snprintf (line, sizeof(line), "bad type %i", type);
break;
}
@ -420,11 +420,11 @@ const char *PR_GlobalString (int ofs)
val = (void *)&pr_globals[ofs];
def = ED_GlobalAtOfs(ofs);
if (!def)
sprintf (line,"%i(?)", ofs);
q_snprintf (line, sizeof(line), "%i(?)", ofs);
else
{
s = PR_ValueString (def->type, (eval_t *)val);
sprintf (line,"%i(%s)%s", ofs, PR_GetString(def->s_name), s);
q_snprintf (line, sizeof(line), "%i(%s)%s", ofs, PR_GetString(def->s_name), s);
}
i = strlen(line);
@ -443,9 +443,9 @@ const char *PR_GlobalStringNoContents (int ofs)
def = ED_GlobalAtOfs(ofs);
if (!def)
sprintf (line,"%i(?)", ofs);
q_snprintf (line, sizeof(line), "%i(?)", ofs);
else
sprintf (line,"%i(%s)", ofs, PR_GetString(def->s_name));
q_snprintf (line, sizeof(line), "%i(%s)", ofs, PR_GetString(def->s_name));
i = strlen(line);
for ( ; i < 20; i++)