[Scummvm-cvs-logs] SF.net SVN: scummvm:[44738] scummvm/trunk/engines/sci/engine/kstring.cpp

Wed Oct 7 18:47:07 CEST 2009

Revision: 44738
          http://scummvm.svn.sourceforge.net/scummvm/?rev=44738&view=rev
Author:   thebluegr
Date:     2009-10-07 16:47:06 +0000 (Wed, 07 Oct 2009)

Log Message:
-----------
Fixed a potential buffer overflow in kFormat, which occurs in the "About" screen in KQ4

Modified Paths:
--------------
    scummvm/trunk/engines/sci/engine/kstring.cpp

Modified: scummvm/trunk/engines/sci/engine/kstring.cpp
===================================================================

--- scummvm/trunk/engines/sci/engine/kstring.cpp	2009-10-07 16:26:16 UTC (rev 44737)
+++ scummvm/trunk/engines/sci/engine/kstring.cpp	2009-10-07 16:47:06 UTC (rev 44738)
@@ -359,7 +359,8 @@
 reg_t kFormat(EngineState *s, int argc, reg_t *argv) {
 	uint16 *arguments;
 	reg_t dest = argv[0];
-	char targetbuf[512];
+	int maxsize = 4096; /* Arbitrary... */
+	char targetbuf[4096];
 	char *target = targetbuf;
 	reg_t position = argv[1]; /* source */
 	int index = argv[2].toUint16();
@@ -371,9 +372,7 @@
 	int startarg;
 	int str_leng = 0; /* Used for stuff like "%13s" */
 	int unsigned_var = 0;
-	int maxsize = 4096; /* Arbitrary... */
 
-
 	if (position.segment)
 		startarg = 2;
 	else


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.


