Archives/OpenTTD-patches
2
0
Fork 0
mirror of https://github.com/JGRennison/OpenTTD-patches.git synced 2024-11-16 00:12:51 +00:00
Code Issues Packages Projects Releases Wiki Activity

(svn r15572) -Fix (r13730): theoretical buffer overflow when company with too long name funded a road reconstruction

Browse Source
This commit is contained in:
smatz 2009-02-24 22:57:02 +00:00
parent 3707a11e5e
commit 2f63571203
1 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
src/town_cmd.cpp
View File

@ -2197,15 +2197,15 @@ static void TownActionRoadRebuild(Town *t)
{ {
t->road_build_months = 6; t->road_build_months = 6;
char *company_name = MallocT<char>(64); char company_name[MAX_LENGTH_COMPANY_NAME_BYTES];
SetDParam(0, _current_company); SetDParam(0, _current_company);
GetString(company_name, STR_COMPANY_NAME, company_name + 64); GetString(company_name, STR_COMPANY_NAME, lastof(company_name));
char *cn = strdup(company_name);
SetDParam(0, t->index); SetDParam(0, t->index);
SetDParamStr(1, company_name); SetDParamStr(1, cn);
AddNewsItem(STR_2055_TRAFFIC_CHAOS_IN_ROAD_REBUILDING, AddNewsItem(STR_2055_TRAFFIC_CHAOS_IN_ROAD_REBUILDING, NS_GENERAL, t->xy, 0, cn);
NS_GENERAL, t->xy, 0, company_name);
} }
static bool DoBuildStatueOfCompany(TileIndex tile, TownID town_id) static bool DoBuildStatueOfCompany(TileIndex tile, TownID town_id)