diff options
| author | Simon Howard | 2014-04-01 20:43:45 -0400 |
|---|---|---|
| committer | Simon Howard | 2014-04-01 20:43:45 -0400 |
| commit | 8eb3200286d523379295143ce3f44d77ce036d4b (patch) | |
| tree | ac0edb56027f285425d896e12a1b14d78ad294b9 /src/doom/d_main.c | |
| parent | 565a1f08566520147a5abff5744dbcc256e5030c (diff) | |
| download | chocolate-doom-8eb3200286d523379295143ce3f44d77ce036d4b.tar.gz chocolate-doom-8eb3200286d523379295143ce3f44d77ce036d4b.tar.bz2 chocolate-doom-8eb3200286d523379295143ce3f44d77ce036d4b.zip | |
Replace all snprintf() calls with M_snprintf().
The Windows API has an _snprintf function that is not the same as
Unix's snprintf(): if the string is truncated then no trailing NUL
character is appended. This makes the function unsafe. Define a
replacement/wrapper called M_snprintf that works the same but always
appends a trailing NUL, for safety on Windows and other OSes that
behave like this.
Do the same thing for vsnprintf(), and update HACKING to list
snprintf/vsnprintf as forbidden functions. This fixes #375;
thanks to Quasar for pointing out the different behavior of these
functions.
Diffstat (limited to 'src/doom/d_main.c')
| -rw-r--r-- | src/doom/d_main.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/src/doom/d_main.c b/src/doom/d_main.c index 0cdb83d4..2a4fe236 100644 --- a/src/doom/d_main.c +++ b/src/doom/d_main.c @@ -384,7 +384,7 @@ void D_BindVariables(void) { char buf[12]; - snprintf(buf, sizeof(buf), "chatmacro%i", i); + M_snprintf(buf, sizeof(buf), "chatmacro%i", i); M_BindVariable(buf, &chat_macros[i]); } } @@ -669,8 +669,8 @@ static char *GetGameName(char *gamename) gamename_size = strlen(deh_sub) + 10; gamename = Z_Malloc(gamename_size, PU_STATIC, 0); version = G_VanillaVersionCode(); - snprintf(gamename, gamename_size, deh_sub, - version / 100, version % 100); + M_snprintf(gamename, gamename_size, deh_sub, + version / 100, version % 100); while (gamename[0] != '\0' && isspace(gamename[0])) { |