Fix another HOME buffer overflow attack vector

svn-id: r19376
author: Max Horn 2005-10-31 01:50:51 +0000
committer: Max Horn 2005-10-31 01:50:51 +0000
commit: 0063257a2bf4284b50945f337b81db951cfad364 (patch)
tree: f052a00a1f2e0290255f9c91490a3d809b163e04 /common
parent: cd6e35cdb85b3213a6eb4032697a942991141197 (diff)
download: scummvm-rg350-0063257a2bf4284b50945f337b81db951cfad364.tar.gz
scummvm-rg350-0063257a2bf4284b50945f337b81db951cfad364.tar.bz2
scummvm-rg350-0063257a2bf4284b50945f337b81db951cfad364.zip
1 files changed, 3 insertions, 2 deletions
diff --git a/common/config-manager.cpp b/common/config-manager.cpp
index 08edb25240..995d9d601a 100644
--- a/common/config-manager.cpp
+++ b/common/config-manager.cpp
@@ -92,8 +92,9 @@ ConfigManager::ConfigManager() {
 void ConfigManager::loadDefaultConfigFile() {
 	char configFile[MAXPATHLEN];
 #if defined(UNIX)
-	if (getenv("HOME") != NULL)
-		sprintf(configFile,"%s/%s", getenv("HOME"), DEFAULT_CONFIG_FILE);
+	const char *home = getenv("HOME");
+	if (home != NULL && strlen(home) < MAXPATHLEN)
+		snprintf(configFile, MAXPATHLEN, "%s/%s", home, DEFAULT_CONFIG_FILE);
 	else
 		strcpy(configFile, DEFAULT_CONFIG_FILE);
 #else
author	Max Horn	2005-10-31 01:50:51 +0000
committer	Max Horn	2005-10-31 01:50:51 +0000
commit	0063257a2bf4284b50945f337b81db951cfad364 (patch)
tree	f052a00a1f2e0290255f9c91490a3d809b163e04 /common
parent	cd6e35cdb85b3213a6eb4032697a942991141197 (diff)
download	scummvm-rg350-0063257a2bf4284b50945f337b81db951cfad364.tar.gz scummvm-rg350-0063257a2bf4284b50945f337b81db951cfad364.tar.bz2 scummvm-rg350-0063257a2bf4284b50945f337b81db951cfad364.zip