Potential buffer overflow in pakselector.cc

Welcome to The International Simutrans Forum.
Log in
Sign up

Main Menu

Home
Search

The International Simutrans Forum
► Development
► Patches & Projects
► Incorporated Patches and Solved Bug Reports (Moderator: Dwachs)
► Potential buffer overflow in pakselector.cc

August 06, 2025, 10:31:08 PM

News:

Use the "Forum Search"
It may help you to find anything in the forum

Potential buffer overflow in pakselector.cc

Started by Spike, March 20, 2012, 09:59:04 AM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Go Down Pages1

User actions

Spike

Posts: 1,361
First Simutrans Developer and Graphics Artist
Logged

Potential buffer overflow in pakselector.cc

March 20, 2012, 09:59:04 AM Last Edit: March 20, 2012, 10:38:42 AM by Hans

If the path is bigger than 1024 characters, this will cause a buffer overflow:

Code Select


    FOR(slist_tpl<entry>, const& i, entries) {
        char path[1024];
        sprintf(path,"%saddons/%s", umgebung_t::user_dir, i.button->get_text());

Edit: There are two of these problems in pakselector.cc, I think.

Go Up Pages1

User actions

The International Simutrans Forum
► Development
► Patches & Projects
► Incorporated Patches and Solved Bug Reports (Moderator: Dwachs)
► Potential buffer overflow in pakselector.cc

Jump to

User actions