https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2004-0149 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=174924 --- demo.c | 2 +- editor.c | 12 ++++++------ file.c | 2 +- highscore.c | 6 +++--- misc.c | 2 +- preview.c | 2 +- 6 files changed, 13 insertions(+), 13 deletions(-) diff --git a/demo.c b/demo.c index 9084e70..f4fc2cd 100644 --- a/demo.c +++ b/demo.c @@ -154,7 +154,7 @@ static void DoBlocks(display, window) /* Construct the demo level filename */ if ((str = getenv("XBOING_LEVELS_DIR")) != NULL) - sprintf(levelPath, "%s/demo.data", str); + snprintf(levelPath, sizeof(levelPath),"%s/demo.data", str); else sprintf(levelPath, "%s/demo.data", LEVEL_INSTALL_DIR); diff --git a/editor.c b/editor.c index f2bb9ed..66d0679 100644 --- a/editor.c +++ b/editor.c @@ -213,7 +213,7 @@ static void DoLoadLevel(display, window) /* Construct the Edit level filename */ if ((str = getenv("XBOING_LEVELS_DIR")) != NULL) - sprintf(levelPath, "%s/editor.data", str); + snprintf(levelPath,sizeof(levelPath)-1, "%s/editor.data", str); else sprintf(levelPath, "%s/editor.data", LEVEL_INSTALL_DIR); @@ -958,8 +958,8 @@ static void LoadALevel(display) if ((num > 0) && (num <= MAX_NUM_LEVELS)) { /* Construct the Edit level filename */ - if ((str2 = getenv("XBOING_LEVELS_DIR")) != NULL) - sprintf(levelPath, "%s/level%02ld.data", str2, (u_long) num); + if ((str2 = getenv("XBOING_LEVELS_DIR")) != NULL) + snprintf(levelPath, sizeof(levelPath)-1,"%s/level%02ld.data", str2, (u_long) num); else sprintf(levelPath, "%s/level%02ld.data", LEVEL_INSTALL_DIR, (u_long) num); 
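Review bot: In demo.c DoBlocks the new `snprintf` bounds the write but its return value is ignored, so an over-long XBOING_LEVELS_DIR now yields a silently truncated `levelPath` that is used as if it were the intended file. Capture the result in an `int n` and test it, e.g. `if (n < 0 || (size_t)n >= sizeof(levelPath))`, then fail the load or fall back to LEVEL_INSTALL_DIR in whatever way the function's existing error paths do (they are outside the hunk). The same applies to the snprintf calls added in editor.c (DoLoadLevel, LoadALevel, SaveALevel), file.c SetupStage and preview.c DoLoadLevel. In SaveALevel a truncated path would be written to rather than read, which makes the missing check more important there.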
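Review bot: In editor.c DoLoadLevel the size argument is `sizeof(levelPath)-1`, while demo.c and file.c pass `sizeof(levelPath)`. snprintf already counts the terminating NUL within the size it is given, so the `-1` only gives up one usable byte and leaves the call sites inconsistent. Suggest `snprintf(levelPath, sizeof(levelPath), "%s/editor.data", str);` here, with the same size argument in LoadALevel, SaveALevel and preview.c DoLoadLevel. Either form is a valid bound only if `levelPath` is an array in scope rather than a pointer; its declaration is outside the hunk.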
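Review bot: In editor.c LoadALevel the added snprintf formats a `(u_long)` argument with the signed conversion `%02ld`. The range check just above keeps the value small, so the output is correct in practice, but the specifier and argument type should agree, e.g. `"%s/level%02lu.data"` with the existing cast. The same pairing appears in the SaveALevel hunk and in the unchanged `else` branches of both functions.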
@@ -1017,9 +1017,9 @@ static void SaveALevel(display) num = atoi(str); if ((num > 0) && (num <= MAX_NUM_LEVELS)) { - /* Construct the Edit level filename */ - if ((str2 = getenv("XBOING_LEVELS_DIR")) != NULL) - sprintf(levelPath, "%s/level%02ld.data", str2, (u_long) num); + /* Construct the Edit level filename */ + if ((str2 = getenv("XBOING_LEVELS_DIR")) != NULL) + snprintf(levelPath, sizeof(levelPath)-1,"%s/level%02ld.data", str2, (u_long) num); else sprintf(levelPath, "%s/level%02ld.data", LEVEL_INSTALL_DIR, (u_long) num); diff --git a/file.c b/file.c index 4c043cd..99a0854 100644 --- a/file.c +++ b/file.c @@ -139,7 +139,7 @@ void SetupStage(display, window) /* Construct the level filename */ if ((str = getenv("XBOING_LEVELS_DIR")) != NULL) - sprintf(levelPath, "%s/level%02ld.data", str, newLevel); + snprintf(levelPath,sizeof(levelPath), "%s/level%02ld.data", str, newLevel); else sprintf(levelPath, "%s/level%02ld.data", LEVEL_INSTALL_DIR, newLevel); diff --git a/highscore.c b/highscore.c index f0db3e9..792273e 100644 --- a/highscore.c +++ b/highscore.c @@ -1023,7 +1023,7 @@ int ReadHighScoreTable(type) { /* Use the environment variable if it exists */ if ((str = getenv("XBOING_SCORE_FILE")) != NULL) - strcpy(filename, str); + strncpy(filename, str, sizeof(filename)-1); else strcpy(filename, HIGH_SCORE_FILE); } @@ -1095,7 +1095,7 @@ int WriteHighScoreTable(type) { /* Use the environment variable if it exists */ if ((str = getenv("XBOING_SCORE_FILE")) != NULL) - strcpy(filename, str); + strncpy(filename, str, sizeof(filename)-1); else strcpy(filename, HIGH_SCORE_FILE); } @@ -1218,7 +1218,7 @@ static int LockUnlock(cmd) /* Use the environment variable if it exists */ if ((str = getenv("XBOING_SCORE_FILE")) != NULL) - strcpy(filename, str); + strncpy(filename, str, sizeof(filename)-1); else strcpy(filename, HIGH_SCORE_FILE); diff --git a/misc.c b/misc.c index f3ab37e..7f3ddce 100644 --- a/misc.c +++ b/misc.c 
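Review bot: In highscore.c ReadHighScoreTable, `strncpy(filename, str, sizeof(filename)-1)` writes no terminator when XBOING_SCORE_FILE is at least `sizeof(filename)-1` bytes long. Unless `filename` is zeroed before this point (its declaration is outside the hunk), the overflow has been traded for an unterminated string passed to whatever opens the file. Either add `filename[sizeof(filename)-1] = '\0';` after the copy, or use `snprintf(filename, sizeof(filename), "%s", str)` and reject the value when the result is `>= sizeof(filename)`. The same pattern is in the WriteHighScoreTable and LockUnlock hunks and in misc.c GetHomeDir.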
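Review bot: In highscore.c WriteHighScoreTable the score-file path is still taken wholesale from XBOING_SCORE_FILE, and the length bound does not change which file gets written. If the game is installed with extra privileges so that it can update a shared score file (not visible on this page), the variable should be ignored in that configuration, or the privileges dropped before the file is opened. A comment at this branch such as `/* path is user-controlled: only honoured when running without elevated privileges */` would record the intended policy. LockUnlock derives its path the same way.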
@@ -427,7 +427,7 @@ char *GetHomeDir() */ if ((ptr = getenv("HOME")) != NULL) - (void) strcpy(dest, ptr); + (void) strncpy(dest, ptr,sizeof(dest)-1); else { /* HOME variable is not present so get USER var */ diff --git a/preview.c b/preview.c index 41c1187..687f566 100644 --- a/preview.c +++ b/preview.c @@ -139,7 +139,7 @@ static void DoLoadLevel(display, window) /* Construct the Preview level filename */ if ((str = getenv("XBOING_LEVELS_DIR")) != NULL) - sprintf(levelPath, "%s/level%02d.data", str, lnum); + snprintf(levelPath, sizeof(levelPath)-1, "%s/level%02d.data", str, lnum); else sprintf(levelPath, "%s/level%02d.data", LEVEL_INSTALL_DIR, lnum); -- 2.15.1
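Review bot: In misc.c GetHomeDir the bound `sizeof(dest)-1` is the buffer size only if `dest` is declared as an array in this function. The declaration is outside the hunk, and if `dest` is a `char *` the copy is limited to the pointer size minus one. Please confirm the declaration. Since the function returns the buffer, also terminate it explicitly after the copy with `dest[sizeof(dest)-1] = '\0';`, so that a long HOME cannot leave callers with an unterminated string.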