#7 topten scanf safety

open
nobody
None
5
2012-11-07
2008-04-23
Ian Abbott
No

This patch was written by Andrew Church to address Gentoo Linux bug #125902 (ref http://bugs.gentoo.org/show_bug.cgi?id=125902). It sets the maximum width of the strings read by fscanf() to avoid buffer overflow problems if someone manages to tamper with Nethack's "record" file. (This is easy to do in Gentoo Linux due to its non-standard (stupid) policy of putting ordinary users in the "games" group.)

Discussion

  • Ian Abbott
    Ian Abbott
    2008-04-23

    topten scanf fix patch (by Andrew Church)