mirror of
https://github.com/Ponce/slackbuilds
synced 2024-11-22 19:44:21 +01:00
4c6598c811
Signed-off-by: B. Watson <yalhcru@gmail.com> Signed-off-by: Willy Sudiarto Raharjo <willysr@slackbuilds.org>
54 lines
2.4 KiB
Diff
54 lines
2.4 KiB
Diff
diff -Naur rhapsody-0.28b/src/dcc.c rhapsody-0.28b.patched/src/dcc.c
|
|
--- rhapsody-0.28b/src/dcc.c 2006-02-24 01:46:19.000000000 -0500
|
|
+++ rhapsody-0.28b.patched/src/dcc.c 2021-09-16 15:46:52.830186229 -0400
|
|
@@ -702,7 +702,11 @@
|
|
FILE *fp;
|
|
int fd;
|
|
|
|
- sprintf(filepath, "%s/%s", configuration.dccdlpath, filename);
|
|
+ if(strchr(filename, "/")) {
|
|
+ vprint_all_attrib(ERROR_COLOR, "DCC File: Filename %s has directory separators, not allowed\n", filename);
|
|
+ }
|
|
+
|
|
+ snprintf(filepath, 1023, "%s/%s", configuration.dccdlpath, filename);
|
|
|
|
/* check if the file exists, and if it does, append a timestamp extension */
|
|
fp = fopen(filepath, "rb");
|
|
@@ -710,13 +714,13 @@
|
|
if (fp != NULL && configuration.dccduplicates == 1){
|
|
ct = time(NULL);
|
|
t = localtime(&ct);
|
|
- sprintf(filestamp, "%s.%04d%02d%02d%02d%02d%02d", filename, t->tm_year + 1900, t->tm_mon, t->tm_mday, t->tm_hour, t->tm_min, t->tm_sec);
|
|
+ snprintf(filestamp, 1023, "%s.%04d%02d%02d%02d%02d%02d", filename, t->tm_year + 1900, t->tm_mon, t->tm_mday, t->tm_hour, t->tm_min, t->tm_sec);
|
|
vprint_all_attrib(DCC_COLOR, "DCC file %s exists, saving as %s\n", filename, filestamp);
|
|
- sprintf(filepath, "%s/%s", configuration.dccdlpath, filestamp);
|
|
+ snprintf(filepath, 1023, "%s/%s", configuration.dccdlpath, filestamp);
|
|
fclose(fp);
|
|
strcpy(filenamex, filestamp);
|
|
}
|
|
- else strcpy(filenamex, filename);
|
|
+ else strncpy(filenamex, filename, 1023);
|
|
|
|
//fp = fopen(filepath, "wb");
|
|
//if (fp == NULL){
|
|
diff -Naur rhapsody-0.28b/src/screen.c rhapsody-0.28b.patched/src/screen.c
|
|
--- rhapsody-0.28b/src/screen.c 2006-02-24 01:46:19.000000000 -0500
|
|
+++ rhapsody-0.28b.patched/src/screen.c 2021-09-16 15:39:03.142240866 -0400
|
|
@@ -2294,7 +2294,7 @@
|
|
void add_input_buffer(inputwin *I, int value){
|
|
char scratch[MAXDATASIZE];
|
|
|
|
- if (I->cursorpos < MAXDATASIZE){
|
|
+ if (I->cursorpos < MAXDATASIZE - 1){
|
|
strcpy(scratch, &(I->inputbuffer)[I->cursorpos]);
|
|
(I->inputbuffer)[I->cursorpos] = value;
|
|
strcpy(&(I->inputbuffer)[I->cursorpos+1], scratch);
|
|
@@ -2306,7 +2306,7 @@
|
|
void append_input_buffer(inputwin *I, char *string){
|
|
char scratch[MAXDATASIZE];
|
|
|
|
- if (I->cursorpos + strlen(string) < MAXDATASIZE){
|
|
+ if (I->cursorpos + strlen(string) < MAXDATASIZE - 1){
|
|
strcpy(scratch, &(I->inputbuffer)[I->cursorpos]);
|
|
strcpy(&(I->inputbuffer)[I->cursorpos], string);
|
|
strcpy(&(I->inputbuffer)[I->cursorpos + strlen(string)], scratch);
|