luke
/
magic
mirror of https://github.com/RTimothyEdwards/magic.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

SimSelect.c: fix theoretical potential to write to .rodata string 

We make a copy of readonly string on function entry and use that instead.
strrchr() is a bit of an annoying API, takes const char* but returns char*
but it is the same string.  One for static analysis or C++.

SimSelectArea() argument unused.
This commit is contained in:
Darryl L. Miles 2025-10-03 23:08:39 +01:00 committed by R. Timothy Edwards
parent 5fe586100b
commit da216195b3
1 changed files with 4 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
sim/SimSelect.c
View File

@ -259,7 +259,7 @@ simFreeNodeEntry(
TileListElt * TileListElt *
SimSelectArea( SimSelectArea(
const Rect *rect) const Rect * __unused__(rect))
{ {
int plane; int plane;
int SimSelectFunc(Tile *tile, ClientData cdata); /* cb_database_srpaintarea_t (TileListElt **pHead) */ int SimSelectFunc(Tile *tile, ClientData cdata); /* cb_database_srpaintarea_t (TileListElt **pHead) */
@ -445,6 +445,7 @@ SimSelection(
static const char QUESTstring[] = "?"; static const char QUESTstring[] = "?";
char timeString[256]; char timeString[256];
char questString[2];
TileListElt *current, *node_list; TileListElt *current, *node_list;
char *replyLine; char *replyLine;
char *strPtr; char *strPtr;
@ -453,6 +454,7 @@ SimSelection(
extern void RsimErrorMsg(void); extern void RsimErrorMsg(void);
timeString[0] = 0; timeString[0] = 0;
strcpy(questString, QUESTstring); /* writable form */
/* check to see if Rsim has been started yet */ /* check to see if Rsim has been started yet */
@ -521,7 +523,7 @@ the selection.\n");
strPtr = strrchr( replyLine, '=' ); strPtr = strrchr( replyLine, '=' );
if( strPtr == NULL ) if( strPtr == NULL )
strPtr = QUESTstring; strPtr = questString;
else if( coord ) else if( coord )
{ {
*strPtr = '\0'; *strPtr = '\0';