From c904f6d4aa2ba2760b1ab7a5a2bba5b0d1d28631 Mon Sep 17 00:00:00 2001 From: David CARLIER Date: Sat, 16 Dec 2017 18:51:34 +0000 Subject: [PATCH] fix a few potential buffer overwrite in Game VM --- code/game/g_bot.c | 8 ++++---- code/game/g_client.c | 8 ++++---- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/code/game/g_bot.c b/code/game/g_bot.c index b5731a67..b6b205f1 100644 --- a/code/game/g_bot.c +++ b/code/game/g_bot.c @@ -817,19 +817,19 @@ void Svcmd_BotList_f( void ) { trap_Print("^1name model aifile funname\n"); for (i = 0; i < g_numBots; i++) { - strcpy(name, Info_ValueForKey( g_botInfos[i], "name" )); + Q_strncpyz(name, Info_ValueForKey( g_botInfos[i], "name" ), sizeof( name )); if ( !*name ) { strcpy(name, "UnnamedPlayer"); } - strcpy(funname, Info_ValueForKey( g_botInfos[i], "funname" )); + Q_strncpyz(funname, Info_ValueForKey( g_botInfos[i], "funname" ), sizeof( funname )); if ( !*funname ) { strcpy(funname, ""); } - strcpy(model, Info_ValueForKey( g_botInfos[i], "model" )); + Q_strncpyz(model, Info_ValueForKey( g_botInfos[i], "model" ), sizeof( model )); if ( !*model ) { strcpy(model, "visor/default"); } - strcpy(aifile, Info_ValueForKey( g_botInfos[i], "aifile")); + Q_strncpyz(aifile, Info_ValueForKey( g_botInfos[i], "aifile"), sizeof( aifile )); if (!*aifile ) { strcpy(aifile, "bots/default_c.c"); } diff --git a/code/game/g_client.c b/code/game/g_client.c index 457e058a..c6a0e874 100644 --- a/code/game/g_client.c +++ b/code/game/g_client.c @@ -838,11 +838,11 @@ void ClientUserinfoChanged( int clientNum ) { teamLeader = client->sess.teamLeader; // colors - strcpy(c1, Info_ValueForKey( userinfo, "color1" )); - strcpy(c2, Info_ValueForKey( userinfo, "color2" )); + Q_strncpyz(c1, Info_ValueForKey( userinfo, "color1" ), sizeof( c1 )); + Q_strncpyz(c2, Info_ValueForKey( userinfo, "color2" ), sizeof( c2 )); - strcpy(redTeam, Info_ValueForKey( userinfo, "g_redteam" )); - strcpy(blueTeam, Info_ValueForKey( userinfo, "g_blueteam" )); + Q_strncpyz(redTeam, Info_ValueForKey( userinfo, "g_redteam" ), sizeof( redTeam )); + Q_strncpyz(blueTeam, Info_ValueForKey( userinfo, "g_blueteam" ), sizeof( blueTeam )); // send over a subset of the userinfo keys so other clients can // print scoreboards, display models, and play custom sounds