From 3c4823a07e799709d66ce4473ca10c3d02b27525 Mon Sep 17 00:00:00 2001 From: Roman Fomin Date: Tue, 17 Oct 2023 22:52:37 +0700 Subject: [PATCH] fix level stats widget string overflow (#1228) * set HU_MAXLINELENGTH to 120 --- src/hu_lib.c | 2 +- src/hu_lib.h | 2 +- src/hu_stuff.c | 24 ++++++++++++++---------- 3 files changed, 16 insertions(+), 12 deletions(-) diff --git a/src/hu_lib.c b/src/hu_lib.c index fa6c09d2..25d3b307 100644 --- a/src/hu_lib.c +++ b/src/hu_lib.c @@ -100,7 +100,7 @@ void HUlib_clear_all_lines (hu_multiline_t *const m) static boolean add_char_to_line(hu_line_t *const t, const char ch) { - if (t->len == HU_MAXLINELENGTH) + if (t->len == HU_MAXLINELENGTH - 1) return false; else { diff --git a/src/hu_lib.h b/src/hu_lib.h index 36e87e82..1bf68819 100644 --- a/src/hu_lib.h +++ b/src/hu_lib.h @@ -48,7 +48,7 @@ extern patch_t **hu_font; #define CR_ORIG (-1) // [FG] reset to original color -#define HU_MAXLINELENGTH 80 +#define HU_MAXLINELENGTH 120 //jff 2/26/98 maximum number of messages allowed in refresh list #define HU_MAXMESSAGES 8 diff --git a/src/hu_stuff.c b/src/hu_stuff.c index 037ed2f9..c3625943 100644 --- a/src/hu_stuff.c +++ b/src/hu_stuff.c @@ -1091,7 +1091,7 @@ static void HU_widget_build_monsec(void) { char hud_monsecstr[HU_MAXLINELENGTH]; int i, playerscount; - char kills_str[60]; + char kills_str[HU_MAXLINELENGTH]; int offset = 0; int kills = 0, kills_color, kills_percent, kills_percent_color; @@ -1105,12 +1105,12 @@ static void HU_widget_build_monsec(void) { if (playerscount == 0) { - offset = sprintf(kills_str, + offset = M_snprintf(kills_str, sizeof(kills_str), "\x1b%c%d", color, players[i].killcount); } else { - offset += sprintf(kills_str + offset, + offset += M_snprintf(kills_str + offset, sizeof(kills_str) - offset, "\x1b%c+\x1b%c%d", '0'+CR_GREEN, color, players[i].killcount); } @@ -1129,36 +1129,40 @@ static void HU_widget_build_monsec(void) if (playerscount > 1) { - offset = sprintf(hud_monsecstr, + offset = M_snprintf(hud_monsecstr, sizeof(hud_monsecstr), "\x1b%cK %s \x1b%c%d/%d", '0'+CR_RED, kills_str, kills_color, kills, totalkills); } else { - offset = sprintf(hud_monsecstr, + offset = M_snprintf(hud_monsecstr, sizeof(hud_monsecstr), "\x1b%cK \x1b%c%d/%d", '0'+CR_RED, kills_color, plr->killcount, totalkills); } if (extrakills) { - offset += sprintf(hud_monsecstr + offset, "+%d", extrakills); + offset += M_snprintf(hud_monsecstr + offset, sizeof(hud_monsecstr) - offset, + "+%d", extrakills); } if (hud_threelined_widgets) { - sprintf(hud_monsecstr + offset, " \x1b%c%d%%", kills_percent_color, kills_percent); + M_snprintf(hud_monsecstr + offset, sizeof(hud_monsecstr) - offset, + " \x1b%c%d%%", kills_percent_color, kills_percent); HUlib_add_string_to_cur_line(&w_monsec, hud_monsecstr); - sprintf(hud_monsecstr, "\x1b%cI \x1b%c%d/%d", ('0'+CR_RED), items_color, items, totalitems); + M_snprintf(hud_monsecstr, sizeof(hud_monsecstr), + "\x1b%cI \x1b%c%d/%d", ('0'+CR_RED), items_color, items, totalitems); HUlib_add_string_to_cur_line(&w_monsec, hud_monsecstr); - sprintf(hud_monsecstr, "\x1b%cS \x1b%c%d/%d", ('0'+CR_RED), secrets_color, secrets, totalsecret); + M_snprintf(hud_monsecstr, sizeof(hud_monsecstr), + "\x1b%cS \x1b%c%d/%d", ('0'+CR_RED), secrets_color, secrets, totalsecret); HUlib_add_string_to_cur_line(&w_monsec, hud_monsecstr); } else { - sprintf(hud_monsecstr + offset, + M_snprintf(hud_monsecstr + offset, sizeof(hud_monsecstr) - offset, " \x1b%c%d%% \x1b%cI \x1b%c%d/%d \x1b%cS \x1b%c%d/%d", kills_percent_color, kills_percent, '0'+CR_RED, items_color, items, totalitems,