simon-git: puzzles (main): Ben Harris

Commits to Tartarus hosted VCS tartarus-commits at lists.tartarus.org
Mon Feb 13 10:52:48 GMT 2023


TL;DR:
  0a7c531 Undead: check the return value of sscanf() in execute_move()

Repository:     https://git.tartarus.org/simon/puzzles.git
On the web:     https://git.tartarus.org/?p=simon/puzzles.git
Branch updated: main
Committer:      Ben Harris <bjh21 at bjh21.me.uk>
Date:           2023-02-13 10:52:48

commit 0a7c531e8f4c1970662f7c30aea006e65d5ff010
web diff https://git.tartarus.org/?p=simon/puzzles.git;a=commitdiff;h=0a7c531e8f4c1970662f7c30aea006e65d5ff010;hp=493bf16ddbe2185664d6c3053f7891a9f232c75c
Author: Ben Harris <bjh21 at bjh21.me.uk>
Date:   Mon Feb 13 10:04:47 2023 +0000

    Undead: check the return value of sscanf() in execute_move()
    
    sscanf() assigns its output in order, so if a conversion specifier fails
    to match, a later "%n" specifier will also not get its result assigned.
    In Undead's execute_move(), this led to the result of "%n" being used
    without being initialised.  That could cause it to try to parse
    arbitrary memory as part of the move string, which shouldn't be a
    security problem (since execute_move() handles untrusted input anyway),
    but could lead to a crash and certainly wasn't helpful.

 undead.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
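
The sscanf() behaviour the commit message describes, as an added example that is not code from the puzzles repository: the move grammar "G<number>;" and the names parse_step() and count_steps() are assumptions made for illustration. It goes one step beyond the commit by also covering the case where a conversion succeeds but literal text before "%n" fails to match, which the return value alone does not reveal.

```c
#include <stdio.h>

/*
 * Constructed move grammar for this example (not Undead's real one):
 * a move string is a sequence of "G<number>;" steps.
 */

/* Parse one step at s. Returns chars consumed, or -1 if s is malformed. */
static int parse_step(const char *s, int *value)
{
    int n = -1;   /* sentinel: stays -1 if sscanf never reaches %n */
    int v;

    /* %n is not counted in the return value, so a full match returns 1. */
    if (sscanf(s, "G%d;%n", &v, &n) != 1)
        return -1;            /* %d failed: v and n were never assigned */
    if (n < 0)
        return -1;            /* %d matched but ';' did not: n unassigned */
    *value = v;
    return n;
}

/* Walk a whole move string; returns number of steps, or -1 on bad input. */
int count_steps(const char *move)
{
    int steps = 0, v, n;

    while (*move) {
        n = parse_step(move, &v);
        if (n < 0)
            return -1;        /* reject rather than advance by garbage */
        move += n;
        steps++;
    }
    return steps;
}

int main(void)
{
    /* Constructed inputs. */
    const char *samples[] = { "G1;G22;", "G1;X", "G5", "" };
    for (int i = 0; i < 4; i++)
        printf("\"%s\" -> %d\n", samples[i], count_steps(samples[i]));
    return 0;
}
```

Without the two checks in parse_step(), the caller would advance the move pointer by whatever value happened to be in n.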


