diff options
| author | Ben Harris <bjh21@bjh21.me.uk> | 2023-02-20 14:57:31 +0000 |
|---|---|---|
| committer | Ben Harris <bjh21@bjh21.me.uk> | 2023-02-20 14:58:17 +0000 |
| commit | bbe866a3819c6a754a5b1d8c5bc5d0701796acfb (patch) | |
| tree | a9990a8b1262c1bdb8fe907903dd5f1ca15068cb | |
| parent | 795ccf60023fd76893345c8ef6cefd535004a240 (diff) | |
| download | puzzles-bbe866a3819c6a754a5b1d8c5bc5d0701796acfb.zip puzzles-bbe866a3819c6a754a5b1d8c5bc5d0701796acfb.tar.gz puzzles-bbe866a3819c6a754a5b1d8c5bc5d0701796acfb.tar.bz2 puzzles-bbe866a3819c6a754a5b1d8c5bc5d0701796acfb.tar.xz | |
Flood: don't read off the end of some parameter strings
This is essentially the same fix as 73c7bc090155ab8c was for Twiddle.
The new code is less clever but more correct (and more obviously
correct). The bug could be demonstrated by using a parameter string
of "c" or "m" with an AddressSanitizer build of Flood.
| -rw-r--r-- | flood.c | 8 |
1 files changed, 4 insertions, 4 deletions
@@ -141,13 +141,13 @@ static void decode_params(game_params *ret, char const *string) if (*string == 'c') { string++; ret->colours = atoi(string); - while (string[1] && isdigit((unsigned char)string[1])) string++; + while (*string && isdigit((unsigned char)*string)) string++; } else if (*string == 'm') { string++; ret->leniency = atoi(string); - while (string[1] && isdigit((unsigned char)string[1])) string++; - } - string++; + while (*string && isdigit((unsigned char)*string)) string++; + } else + string++; } } |