Fixed a potential buffer overrun in cmd_rchg()

author Art Cancro <ajc@citadel.org>

Fri, 29 Jan 1999 00:55:20 +0000 (00:55 +0000)

committer Art Cancro <ajc@citadel.org>

Fri, 29 Jan 1999 00:55:20 +0000 (00:55 +0000)
author Art Cancro <ajc@citadel.org>
Fri, 29 Jan 1999 00:55:20 +0000 (00:55 +0000)
committer Art Cancro <ajc@citadel.org>
Fri, 29 Jan 1999 00:55:20 +0000 (00:55 +0000)
diff --git a/citadel/citserver.c b/citadel/citserver.c

index 8f5a4c2ad9f4dbc038e636bd3b69ef37e7c45e05..c759839162e342aeebfa622bc7b6472c37b20008 100644 (file)
--- a/citadel/citserver.c
+++ b/citadel/citserver.c
@@ -177,9 +177,10 @@ void cmd_info(void) {
  
  void cmd_rchg(char *argbuf)
  {
-       char newroomname[ROOMNAMELEN];
+       char newroomname[256]; /* set to 256 to prevent buffer overruns <dme>*/
  
         extract(newroomname, argbuf, 0);
+       newroomname[ROOMNAMELEN] = 0;
         if (strlen(newroomname) > 0) {
                 strncpy(CC->fake_roomname, newroomname, ROOMNAMELEN);
                 CC->fake_roomname[ROOMNAMELEN - 1] = 0;
author	Art Cancro <ajc@citadel.org>
	Fri, 29 Jan 1999 00:55:20 +0000 (00:55 +0000)
committer	Art Cancro <ajc@citadel.org>
	Fri, 29 Jan 1999 00:55:20 +0000 (00:55 +0000)