Bugfix: If the initial string passed to enter_text() was longer than

maxchars characters, enter_text() may overwrite random memory outside of the string.
author: Helge Deller <deller@gmx.de> 2013-10-09 17:25:52 +0200
committer: Helge Deller <deller@gmx.de> 2013-10-09 17:25:52 +0200
commit: d66545bc671c3432149ac93578508a830f6afa93 (patch)
tree: 1d6988409102312fc4c34cfa947dbdd54ccddf43
parent: d9a5f7d041c42f9af6f5a1b2a2ee4135d16e44f7 (diff)
download: palo-d66545bc671c3432149ac93578508a830f6afa93.tar.gz
1 files changed, 10 insertions, 2 deletions
diff --git a/ipl/lib.c b/ipl/lib.c
index 7c021c3..d664eb9 100644
--- a/ipl/lib.c
+++ b/ipl/lib.c
@@ -234,14 +234,22 @@ char *enter_text(char *txt, int maxchars)
 {
     char c;
     int pos;
-    printf(txt);		/* print initial text */
     for (pos = 0; txt[pos]; pos++);	/* calculate no. of chars */
+    if (pos > maxchars)	/* if input too long, shorten it */
+    {
+	pos = maxchars;
+	txt[pos] = '\0';
+    }
+    printf(txt);		/* print initial text */
     do
     {
 	c = getchar();
 	if (c == 13)
 	{			/* CR -> finish! */
-	    txt[pos] = 0;
+	    if (pos <= maxchars)
+		txt[pos] = 0;
+	    else
+		txt[maxchars] = '\0';
 	    return txt;
 	};
 	if (c == '\b' || c == 127 )
author	Helge Deller <deller@gmx.de>	2013-10-09 17:25:52 +0200
committer	Helge Deller <deller@gmx.de>	2013-10-09 17:25:52 +0200
commit	d66545bc671c3432149ac93578508a830f6afa93 (patch)
tree	1d6988409102312fc4c34cfa947dbdd54ccddf43
parent	d9a5f7d041c42f9af6f5a1b2a2ee4135d16e44f7 (diff)
download	palo-d66545bc671c3432149ac93578508a830f6afa93.tar.gz