diff options
author | smatz <smatz@openttd.org> | 2009-09-22 12:42:56 +0000 |
---|---|---|
committer | smatz <smatz@openttd.org> | 2009-09-22 12:42:56 +0000 |
commit | 665864e5b035189c10de1d545650662f5797f5d5 (patch) | |
tree | 7d522c78409d92c43c76dbf5abf0f89cbfa801a9 | |
parent | 3a7da3092216390f5c466fe4198d263f6c638f2b (diff) | |
download | openttd-665864e5b035189c10de1d545650662f5797f5d5.tar.xz |
(svn r17611) -Fix: buffers used for verifying company and president name length were too short, possibly causing false positives
-rw-r--r-- | src/company_cmd.cpp | 11 | ||||
-rw-r--r-- | src/strings_type.h | 1 | ||||
-rw-r--r-- | src/town_cmd.cpp | 7 |
3 files changed, 13 insertions, 6 deletions
diff --git a/src/company_cmd.cpp b/src/company_cmd.cpp index bc249dd92..7d05ffb93 100644 --- a/src/company_cmd.cpp +++ b/src/company_cmd.cpp @@ -260,7 +260,9 @@ static void GenerateCompanyName(Company *c) StringID str; Company *cc; uint32 strp; - char buffer[100]; + /* Reserve space for extra unicode character. We need to do this to be able + * to detect too long company name. */ + char buffer[MAX_LENGTH_COMPANY_NAME_BYTES + MAX_CHAR_LENGTH]; if (c->name_1 != STR_SV_UNNAMED) return; @@ -392,7 +394,9 @@ restart:; c->president_name_2 = Random(); c->president_name_1 = SPECSTR_PRESIDENT_NAME; - char buffer[MAX_LENGTH_PRESIDENT_NAME_BYTES + 1]; + /* Reserve space for extra unicode character. We need to do this to be able + * to detect too long president name. */ + char buffer[MAX_LENGTH_PRESIDENT_NAME_BYTES + MAX_CHAR_LENGTH]; SetDParam(0, c->index); GetString(buffer, STR_PRESIDENT_NAME, lastof(buffer)); if (strlen(buffer) >= MAX_LENGTH_PRESIDENT_NAME_BYTES) continue; @@ -400,7 +404,8 @@ restart:; Company *cc; FOR_ALL_COMPANIES(cc) { if (c != cc) { - char buffer2[MAX_LENGTH_PRESIDENT_NAME_BYTES + 2]; + /* Reserve extra space so even overlength president names can be compared. */ + char buffer2[MAX_LENGTH_PRESIDENT_NAME_BYTES + MAX_CHAR_LENGTH]; SetDParam(0, cc->index); GetString(buffer2, STR_PRESIDENT_NAME, lastof(buffer2)); if (strcmp(buffer2, buffer) == 0) goto restart; diff --git a/src/strings_type.h b/src/strings_type.h index a77ad663b..91d42d0cb 100644 --- a/src/strings_type.h +++ b/src/strings_type.h @@ -17,6 +17,7 @@ */ typedef uint16 StringID; static const StringID INVALID_STRING_ID = 0xFFFF; ///< Constant representing an invalid string +static const int MAX_CHAR_LENGTH = 4; ///< Max. length of UTF-8 encoded unicode character enum { MAX_LANG = 64, ///< Maximal number of languages supported by the game diff --git a/src/town_cmd.cpp b/src/town_cmd.cpp index 49f462e0b..b078fe982 100644 --- a/src/town_cmd.cpp +++ b/src/town_cmd.cpp @@ -1419,9 +1419,10 @@ struct TownNameParams { */ static bool VerifyTownName(uint32 r, const TownNameParams *par) { - /* reserve space for extra unicode character and terminating '\0' */ - char buf1[MAX_LENGTH_TOWN_NAME_BYTES + 4 + 1]; - char buf2[MAX_LENGTH_TOWN_NAME_BYTES + 4 + 1]; + /* Reserve space for extra unicode character. We need to do this to be able + * to detect too long town name. */ + char buf1[MAX_LENGTH_TOWN_NAME_BYTES + MAX_CHAR_LENGTH]; + char buf2[MAX_LENGTH_TOWN_NAME_BYTES + MAX_CHAR_LENGTH]; SetDParam(0, r); if (par->grf && par->grfid != 0) { |