summaryrefslogtreecommitdiff
path: root/src
diff options
context:
space:
mode:
authorrubidium <rubidium@openttd.org>2008-07-14 18:22:15 +0000
committerrubidium <rubidium@openttd.org>2008-07-14 18:22:15 +0000
commit71820bf1296d2d18800679dfb4ad5ac6265c6728 (patch)
treec426ac209a061950b169d5ba5312561161904460 /src
parentb7c69ba5f05dbadd3ad76d182e54d7e78cc958a2 (diff)
downloadopenttd-71820bf1296d2d18800679dfb4ad5ac6265c6728.tar.xz
(svn r13700) -Fix: possible buffer overflow in string truncation code.
Diffstat (limited to 'src')
-rw-r--r--src/gfx.cpp7
1 files changed, 4 insertions, 3 deletions
diff --git a/src/gfx.cpp b/src/gfx.cpp
index 491112431..8cd3cefaa 100644
--- a/src/gfx.cpp
+++ b/src/gfx.cpp
@@ -256,9 +256,10 @@ static int TruncateString(char *str, int maxw)
w += GetCharacterWidth(size, c);
if (w >= maxw) {
- /* string got too big... insert dotdotdot */
- ddd_pos[0] = ddd_pos[1] = ddd_pos[2] = '.';
- ddd_pos[3] = '\0';
+ /* string got too big... insert dotdotdot, but make sure we do not
+ * print anything beyond the string termination character. */
+ for (int i = 0; *ddd_pos != '\0' && i < 3; i++, ddd_pos++) *ddd_pos = '.';
+ *ddd_pos = '\0';
return ddd_w;
}
} else {