mirror
/
devilutionX
mirror of https://github.com/diasurgical/devilutionX.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

Gard against overflows in UI

pull/796/head
Anders Jenbo 6 years ago
parent
62de5f1600
commit
d749e5e6f2
6 changed files with 39 additions and 39 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 2
      SourceX/DiabloUI/diabloui.cpp
  2. 8
      SourceX/DiabloUI/selconn.cpp
  3. 20
      SourceX/DiabloUI/selgame.cpp
  4. 44
      SourceX/DiabloUI/selhero.cpp
  5. 2
      SourceX/DiabloUI/selok.cpp
  6. 2
      SourceX/DiabloUI/selyesno.cpp

2
SourceX/DiabloUI/diabloui.cpp
Unescape View File

@ -481,7 +481,7 @@ BOOL UiValidPlayerName(char *name)
};
char tmpname[PLR_NAME_LEN];
strcpy(tmpname, name);
strncpy(tmpname, name, PLR_NAME_LEN - 1);
for (size_t i = 0, n = strlen(tmpname); i < n; i++)
tmpname[i]++;

8
SourceX/DiabloUI/selconn.cpp
Unescape View File

@ -104,23 +104,23 @@ void selconn_Focus(int value)
switch (value) {
#ifndef NONET
case SELCONN_TCP:
strcpy(selconn_Description, "All computers must be connected to a TCP-compatible network.");
strncpy(selconn_Description, "All computers must be connected to a TCP-compatible network.", sizeof(selconn_Description) - 1);
players = MAX_PLRS;
break;
#ifdef BUGGY
case SELCONN_UDP:
strcpy(selconn_Description, "All computers must be connected to a UDP-compatible network.");
strncpy(selconn_Description, "All computers must be connected to a UDP-compatible network.", sizeof(selconn_Description) - 1);
players = MAX_PLRS;
break;
#endif
#endif
case SELCONN_LOOPBACK:
strcpy(selconn_Description, "Play by yourself with no network exposure.");
strncpy(selconn_Description, "Play by yourself with no network exposure.", sizeof(selconn_Description) - 1);
players = 1;
break;
}
sprintf(selconn_MaxPlayers, "Players Supported: %d", players);
snprintf(selconn_MaxPlayers, sizeof(selconn_MaxPlayers), "Players Supported: %d", players);
WordWrapArtStr(selconn_Description, DESCRIPTION_WIDTH);
}

20
SourceX/DiabloUI/selgame.cpp
Unescape View File

@ -104,10 +104,10 @@ void selgame_GameSelection_Focus(int value)
{
switch (value) {
case 0:
strcpy(selgame_Description, "Create a new game with a difficulty setting of your choice.");
strncpy(selgame_Description, "Create a new game with a difficulty setting of your choice.", sizeof(selgame_Description) - 1);
break;
case 1:
strcpy(selgame_Description, "Enter an IP or a hostname and join a game already in progress at that address.");
strncpy(selgame_Description, "Enter an IP or a hostname and join a game already in progress at that address.", sizeof(selgame_Description) - 1);
break;
}
WordWrapArtStr(selgame_Description, DESCRIPTION_WIDTH);
@ -149,7 +149,7 @@ void selgame_GameSelection_Select(int value)
switch (value) {
case 0: {
strcpy(title, "Create Game");
strncpy(title, "Create Game", sizeof(title) - 1);
SDL_Rect rect4 = { PANEL_LEFT + 299, 211, 295, 35 };
vecSelGameDialog.push_back(new UiArtText("Select Difficulty", rect4, UIS_CENTER | UIS_BIG));
@ -170,7 +170,7 @@ void selgame_GameSelection_Select(int value)
break;
}
case 1:
strcpy(title, "Join TCP Games");
strncpy(title, "Join TCP Games", sizeof(title) - 1);
SDL_Rect rect4 = { PANEL_LEFT + 305, 211, 285, 33 };
vecSelGameDialog.push_back(new UiArtText("Enter address", rect4, UIS_CENTER | UIS_BIG));
@ -200,16 +200,16 @@ void selgame_Diff_Focus(int value)
{
switch (value) {
case DIFF_NORMAL:
strcpy(selgame_Label, "Normal");
strcpy(selgame_Description, "Normal Difficulty\nThis is where a starting character should begin the quest to defeat Diablo.");
strncpy(selgame_Label, "Normal", sizeof(selgame_Label) - 1);
strncpy(selgame_Description, "Normal Difficulty\nThis is where a starting character should begin the quest to defeat Diablo.", sizeof(selgame_Description) - 1);
break;
case DIFF_NIGHTMARE:
strcpy(selgame_Label, "Nightmare");
strcpy(selgame_Description, "Nightmare Difficulty\nThe denizens of the Labyrinth have been bolstered and will prove to be a greater challenge. This is recommended for experienced characters only.");
strncpy(selgame_Label, "Nightmare", sizeof(selgame_Label) - 1);
strncpy(selgame_Description, "Nightmare Difficulty\nThe denizens of the Labyrinth have been bolstered and will prove to be a greater challenge. This is recommended for experienced characters only.", sizeof(selgame_Description) - 1);
break;
case DIFF_HELL:
strcpy(selgame_Label, "Hell");
strcpy(selgame_Description, "Hell Difficulty\nThe most powerful of the underworld's creatures lurk at the gateway into Hell. Only the most experienced characters should venture in this realm.");
strncpy(selgame_Label, "Hell", sizeof(selgame_Label) - 1);
strncpy(selgame_Description, "Hell Difficulty\nThe most powerful of the underworld's creatures lurk at the gateway into Hell. Only the most experienced characters should venture in this realm.", sizeof(selgame_Description) - 1);
break;
}
WordWrapArtStr(selgame_Description, DESCRIPTION_WIDTH);

44
SourceX/DiabloUI/selhero.cpp
Unescape View File

@ -91,11 +91,11 @@ void selhero_Free()
void selhero_SetStats()
{
SELHERO_DIALOG_HERO_IMG->m_frame = selhero_heroInfo.heroclass;
sprintf(textStats[0], "%d", selhero_heroInfo.level);
sprintf(textStats[1], "%d", selhero_heroInfo.strength);
sprintf(textStats[2], "%d", selhero_heroInfo.magic);
sprintf(textStats[3], "%d", selhero_heroInfo.dexterity);
sprintf(textStats[4], "%d", selhero_heroInfo.vitality);
snprintf(textStats[0], sizeof(textStats[0]), "%d", selhero_heroInfo.level);
snprintf(textStats[1], sizeof(textStats[1]), "%d", selhero_heroInfo.strength);
snprintf(textStats[2], sizeof(textStats[2]), "%d", selhero_heroInfo.magic);
snprintf(textStats[3], sizeof(textStats[3]), "%d", selhero_heroInfo.dexterity);
snprintf(textStats[4], sizeof(textStats[4]), "%d", selhero_heroInfo.vitality);
}
namespace {
@ -186,11 +186,11 @@ void selhero_List_Focus(int value)
}
SELHERO_DIALOG_HERO_IMG->m_frame = UI_NUM_CLASSES;
strcpy(textStats[0], "--");
strcpy(textStats[1], "--");
strcpy(textStats[2], "--");
strcpy(textStats[3], "--");
strcpy(textStats[4], "--");
strncpy(textStats[0], "--", sizeof(textStats[0]) - 1);
strncpy(textStats[1], "--", sizeof(textStats[1]) - 1);
strncpy(textStats[2], "--", sizeof(textStats[2]) - 1);
strncpy(textStats[3], "--", sizeof(textStats[3]) - 1);
strncpy(textStats[4], "--", sizeof(textStats[4]) - 1);
SELLIST_DIALOG_DELETE_BUTTON->m_iFlags = baseFlags | UIS_DISABLED;
selhero_deleteEnabled = false;
}
@ -224,9 +224,9 @@ void selhero_List_Select(int value)
UiInitList(0, 2, selhero_ClassSelector_Focus, selhero_ClassSelector_Select, selhero_ClassSelector_Esc, vecSelDlgItems);
memset(&selhero_heroInfo.name, 0, sizeof(selhero_heroInfo.name));
strcpy(title, "New Single Player Hero");
strncpy(title, "New Single Player Hero", sizeof(title) - 1);
if (selhero_isMultiPlayer) {
strcpy(title, "New Multi Player Hero");
strncpy(title, "New Multi Player Hero", sizeof(title) - 1);
}
return;
}
@ -249,7 +249,7 @@ void selhero_List_Select(int value)
vecSelDlgItems.push_back(new UiArtTextButton("Cancel", &UiFocusNavigationEsc, rect3, UIS_CENTER | UIS_VCENTER | UIS_BIG | UIS_GOLD));
UiInitList(0, 1, selhero_Load_Focus, selhero_Load_Select, selhero_List_Init, vecSelDlgItems, true);
strcpy(title, "Single Player Characters");
strncpy(title, "Single Player Characters", sizeof(title) - 1);
return;
}
@ -290,13 +290,13 @@ void selhero_ClassSelector_Select(int value)
return;
}
strcpy(title, "New Single Player Hero");
strncpy(title, "New Single Player Hero", sizeof(title) - 1);
if (selhero_isMultiPlayer) {
strcpy(title, "New Multi Player Hero");
strncpy(title, "New Multi Player Hero", sizeof(title) - 1);
}
memset(selhero_heroInfo.name, '\0', sizeof(selhero_heroInfo.name));
#ifdef PREFILL_PLAYER_NAME
strcpy(selhero_heroInfo.name, selhero_GenerateName(selhero_heroInfo.heroclass));
strncpy(selhero_heroInfo.name, selhero_GenerateName(selhero_heroInfo.heroclass), sizeof(selhero_heroInfo.name) - 1);
#endif
selhero_FreeDlgItems();
SDL_Rect rect1 = { PANEL_LEFT + 264, 211, 320, 33 };
@ -340,7 +340,7 @@ void selhero_Name_Select(int value)
if (strcasecmp(selhero_heros[i].name, selhero_heroInfo.name) == 0) {
ArtBackground.Unload();
char dialogText[256];
sprintf(dialogText, "Character already exists. Do you want to overwrite \"%s\"?", selhero_heroInfo.name);
snprintf(dialogText, sizeof(dialogText), "Character already exists. Do you want to overwrite \"%s\"?", selhero_heroInfo.name);
overwrite = UiSelHeroYesNoDialog(title, dialogText);
LoadBackgroundArt("ui_art\\selhero.pcx");
break;
@ -360,7 +360,7 @@ void selhero_Name_Select(int value)
memset(selhero_heroInfo.name, '\0', sizeof(selhero_heroInfo.name));
#ifdef PREFILL_PLAYER_NAME
strcpy(selhero_heroInfo.name, selhero_GenerateName(selhero_heroInfo.heroclass));
strncpy(selhero_heroInfo.name, selhero_GenerateName(selhero_heroInfo.heroclass), sizeof(selhero_heroInfo.name) - 1);
#endif
selhero_ClassSelector_Select(selhero_heroInfo.heroclass);
}
@ -475,11 +475,11 @@ BOOL UiSelHeroDialog(
char dialogTitle[32];
char dialogText[256];
if (selhero_isMultiPlayer) {
strcpy(dialogTitle, "Delete Multi Player Hero");
strncpy(dialogTitle, "Delete Multi Player Hero", sizeof(dialogTitle) - 1);
} else {
strcpy(dialogTitle, "Delete Single Player Hero");
strncpy(dialogTitle, "Delete Single Player Hero", sizeof(dialogTitle) - 1);
}
sprintf(dialogText, "Are you sure you want to delete the character \"%s\"?", selhero_heroInfo.name);
snprintf(dialogText, sizeof(dialogText), "Are you sure you want to delete the character \"%s\"?", selhero_heroInfo.name);
if (UiSelHeroYesNoDialog(dialogTitle, dialogText))
fnremove(&selhero_heroInfo);
@ -487,7 +487,7 @@ BOOL UiSelHeroDialog(
} while (selhero_navigateYesNo);
*dlgresult = selhero_result;
strcpy(name, selhero_heroInfo.name);
strncpy(name, selhero_heroInfo.name, sizeof(name) - 1);
UnloadScrollBar();
return true;

2
SourceX/DiabloUI/selok.cpp
Unescape View File

@ -78,7 +78,7 @@ void UiSelOkDialog(const char *title, const char *body, bool background)
vecSelOkDialogItems.push_back(new UiListItem("OK", 0));
vecSelOkDialog.push_back(new UiList(vecSelOkDialogItems, PANEL_LEFT + 230, 390, 180, 35, UIS_CENTER | UIS_BIG | UIS_GOLD));
strcpy(dialogText, body);
strncpy(dialogText, body, sizeof(dialogText) - 1);
WordWrapArtStr(dialogText, MESSAGE_WIDTH);
UiInitList(0, 0, NULL, selok_Select, selok_Esc, vecSelOkDialog, false, NULL);

2
SourceX/DiabloUI/selyesno.cpp
Unescape View File

@ -61,7 +61,7 @@ bool UiSelHeroYesNoDialog(const char *title, const char *body)
vecSelYesNoDialogItems.push_back(new UiListItem("No", 1));
vecSelYesNoDialog.push_back(new UiList(vecSelYesNoDialogItems, PANEL_LEFT + 230, 390, 180, 35, UIS_CENTER | UIS_BIG | UIS_GOLD));
strcpy(selyesno_confirmationMessage, body);
strncpy(selyesno_confirmationMessage, body, sizeof(selyesno_confirmationMessage) - 1);
WordWrapArtStr(selyesno_confirmationMessage, MESSAGE_WIDTH);
UiInitList(0, 1, NULL, selyesno_Select, selyesno_Esc, vecSelYesNoDialog, true, NULL);

Write Preview
Loading…
Cancel
Save