From 5b72167c8cabf506b8284c7b789c7edf26c4c8d0 Mon Sep 17 00:00:00 2001
From: truelight
Date: Sat, 11 Dec 2004 12:30:12 +0000
Subject: (svn r1018) -Fix: Buffer overflow in edit box, because we misuse maxlen for a flag.. someone should rewrite the editbox!
---
 misc_gui.c | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)
(limited to 'misc_gui.c')
diff --git a/misc_gui.c b/misc_gui.c
index cb21f33c9..d23862434 100644
--- a/misc_gui.c
+++ b/misc_gui.c
@@ -17,6 +17,9 @@ bool _query_string_active;
 void SetFiosType(const byte fiostype);
+/* Now this is what I call dirty.. the edit-box needs to be rewritten! */
+static bool _do_edit_on_text_even_when_no_change_to_edit_box;
+
 typedef struct LandInfoData {
 Town *town;
 int32 costclear;
@@ -780,7 +783,7 @@ static void QueryStringWndProc(Window *w, WindowEvent *e)
 case 3: DeleteWindow(w); break;
 case 4: press_ok:;
- if (str_eq(WP(w,querystr_d).buf, WP(w,querystr_d).buf + MAX_QUERYSTR_LEN) && (WP(w,querystr_d).maxlen & 0x1000) == 0) {
+ if (str_eq(WP(w,querystr_d).buf, WP(w,querystr_d).buf + MAX_QUERYSTR_LEN) && !_do_edit_on_text_even_when_no_change_to_edit_box) {
 DeleteWindow(w);
 } else {
 byte *buf = WP(w,querystr_d).buf;
@@ -876,6 +879,13 @@ void ShowQueryString(StringID str, StringID caption, int maxlen, int maxwidth, b
 } else {
 GetString(_orig_edit_str_buf, str);
 }
+
+ if (maxlen & 0x1000) {
+ _do_edit_on_text_even_when_no_change_to_edit_box = true;
+ maxlen &= ~0x1000;
+ } else
+ _do_edit_on_text_even_when_no_change_to_edit_box = false;
+
 _orig_edit_str_buf[maxlen] = 0;
 memcpy(_edit_str_buf, _orig_edit_str_buf, MAX_QUERYSTR_LEN);
-- 
cgit v1.2.3-54-g00ecf
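Review bot: The comment above `_do_edit_on_text_even_when_no_change_to_edit_box` calls the flag dirty but does not say what it means or who sets it. A comment such as `/* Set by ShowQueryString() when the caller ORs 0x1000 into maxlen: OK then delivers the text even if it was not edited. */` would tie the two functions together for the next reader. Because the flag is file-scope rather than part of the window's querystr_d, it reflects only the most recent ShowQueryString() call; that is sound only if a single query window can exist at a time, which this hunk does not show.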
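Review bot: With the `(WP(w,querystr_d).maxlen & 0x1000) == 0` test removed at `press_ok`, any code that fills querystr_d.maxlen without going through ShowQueryString() and still ORs in 0x1000 would lose the forced-OK behaviour and keep an oversized length in the window state. This diff only changes ShowQueryString(), so the other users of the 0x1000 bit, if there are any, need the same masking. QueryStringWndProc starts and ends outside the hunk, so the remaining reads of maxlen in this handler cannot be checked from here.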
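Review bot: `_orig_edit_str_buf[maxlen] = 0;` still indexes with a caller-supplied int that is never range-checked, so masking off 0x1000 removes the known overflow but a negative maxlen, or one at or above the buffer size, would still write out of bounds. Assuming the buffer holds MAX_QUERYSTR_LEN bytes, as the memcpy on the next line suggests, a clamp before the store closes this: `if (maxlen < 0 || maxlen >= MAX_QUERYSTR_LEN) maxlen = MAX_QUERYSTR_LEN - 1;`. The literal 0x1000 now appears twice in this block; a named constant (for example `QUERYSTR_FORCE_OK`, a constructed name) would make the overloaded parameter visible at call sites. ShowQueryString begins and ends outside the hunk, so the declaration of the buffer is not visible here.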