Bug#205048: ITP: neverball -- A colorful 3D arcade game in which you tilt the floor to roll the ball through the obstacle course before time runs out
On Tue, Aug 12, 2003 at 09:59:45AM +0200, Max Gilead wrote:
> Package: wnpp
> Version: unavailable; reported 2003-08-12
> Severity: wishlist
>
>
> * Package name : neverball
>   Version : 20030805a
>   Upstream Author : Robert Kooima <rlk@snth.net>
> * URL : http://aoeu.snth.net/neverball/
> * License : GPL
>   Description : A colorful 3D arcade game in which you tilt the floor to roll the ball through the obstacle course before time runs out
>
> Neverball is a colorful 3D arcade game in which you tilt the floor to roll the
> ball through the obstacle course before time runs out. It requires patience,
> concentration and a bit of luck.
Please apply the enclosed patch before packaging - this closes a
buffer overflow attack which is locally exploitable.
(I'm not sure if you're planning on making the binary setgid games;
if you are, you should certainly apply this!)
Steve
--
www.steve.org.uk
--- config.c 2003-08-12 09:42:54.000000000 +0100
+++ config.c-orig 2003-08-12 09:43:54.000000000 +0100
@@ -66,18 +66,14 @@
if ((dir = getenv("HOME")))
{
- strcpy(dst, dir);
- strcat(dst, "/");
- strcat(dst, src);
- return 1;
+ snprintf(dst, sizeof(dst)-1, "%s/%s", dir, src);
+ return( 1 );
}
if ((vol = getenv("HOMEDRIVE")) && (dir = getenv("HOMEPATH")))
{
- strcpy(dst, vol);
- strcat(dst, dir);
- strcat(dst, "\\");
- strcat(dst, src);
+ snprintf(dst, sizeof(dst)-1, "%s%s\\%s",
+ vol, dir, src );
return 1;
}
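Review bot: the size argument `sizeof(dst)-1` in both snprintf calls only bounds the write correctly if dst is an array declared in this scope. The hunk does not show the declaration, and if dst is a `char *` parameter, `sizeof(dst)` is the size of a pointer, so the result is cut to a few bytes instead of being bounded to the real buffer. Suggest passing the destination buffer's length into the function and using that as the size argument. The `-1` is also unnecessary, since snprintf writes at most the given size including the terminating NUL. Finally, the return value of snprintf is ignored in both branches, so a truncated path still reaches `return 1` and is reported as success; compare the return value against the buffer length and fail when it is greater than or equal to it.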