Mercurial > hg > openttd

changeset 5317:d304820ae8fb draft

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
(svn r7475) -Fix (r7348): sanity check NewGRF action 8 strings for null terminator
author peter1138 <peter1138@openttd.org>
date Sun, 10 Dec 2006 21:39:38 +0000
parents 1241345c0877
children 7748f3702208
files newgrf.c string.h
diffstat 2 files changed, 29 insertions(+), 4 deletions(-) [+]
line wrap: on
line diff
--- a/newgrf.c
+++ b/newgrf.c
@@ -2466,6 +2466,7 @@
 	}
 }
 
+
 /* Action 0x08 (GLS_FILESCAN) */
 static void ScanInfo(byte *buf, int len)
 {
@@ -2473,16 +2474,30 @@
 	uint32 grfid;
 	const char *name;
 	const char *info;
+	int name_len;
+	int info_len;
 
 	check_length(len, 8, "Info"); buf++;
 	version = grf_load_byte(&buf);
 	grfid = grf_load_dword(&buf);
-	name = (const char*)buf;
-	info = name + strlen(name) + 1;
 
 	_cur_grfconfig->grfid = grfid;
-	_cur_grfconfig->name  = TranslateTTDPatchCodes(name);
-	_cur_grfconfig->info  = TranslateTTDPatchCodes(info);
+
+	len -= 6;
+	name = (const char*)buf;
+	name_len = ttd_strnlen(name, len);
+
+	if (name_len < len) {
+		_cur_grfconfig->name = TranslateTTDPatchCodes(name);
+
+		len -= name_len + 1;
+		info = name + name_len + 1;
+		info_len = ttd_strnlen(info, len);
+
+		if (info_len < len) {
+			_cur_grfconfig->info  = TranslateTTDPatchCodes(info);
+		}
+	}
 
 	_skip_sprites = -1;
 }
--- a/string.h
+++ b/string.h
@@ -46,6 +46,16 @@
 /** Convert the given string to lowercase, only works with ASCII! */
 void strtolower(char *str);
 
+
+/** Get the length of a string, within a limited buffer */
+static inline int ttd_strnlen(const char *str, int maxlen)
+{
+	const char *t;
+	for (t = str; *t != '\0' && t - str < maxlen; t++);
+	return t - str;
+}
+
+
 typedef uint32 WChar;
 
 /**