From 3ab210cbd551966d6828ddb9fe6dc5fe0f544dc2 Mon Sep 17 00:00:00 2001 From: Rob Swindell <rob@synchro.net> Date: Thu, 3 Mar 2022 09:47:53 -0800 Subject: [PATCH] Fix a few issues around single-file add argument parsing Triggered by CID 33630: Unbounded source buffer --- src/sbbs3/addfiles.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/src/sbbs3/addfiles.c b/src/sbbs3/addfiles.c index 86ecf40889..6e981995d9 100644 --- a/src/sbbs3/addfiles.c +++ b/src/sbbs3/addfiles.c @@ -729,13 +729,13 @@ int main(int argc, char **argv) SAFECOPY(fdesc, "no description given"); } - sprintf(str,"%s%s", scfg.dir[dirnum]->path, fname); + SAFEPRINTF2(str,"%s%s", scfg.dir[dirnum]->path, fname); if(mode&FILE_DATE) - sprintf(fdesc, "%s ", unixtodstr(&scfg,(time32_t)fdate(str),tmp)); - if(mode&TODAYS_DATE) - sprintf(fdesc, "%s ", unixtodstr(&scfg,time32(NULL),tmp)); - sprintf(tmp, "%.*s", (int)(LEN_FDESC-strlen(fdesc)), argv[++j]); - SAFECOPY(fdesc, tmp); + SAFEPRINTF(fdesc, "%s ", unixtodstr(&scfg,(time32_t)fdate(str),tmp)); + else if(mode&TODAYS_DATE) + SAFEPRINTF(fdesc, "%s ", unixtodstr(&scfg,time32(NULL),tmp)); + j++; + SAFECAT(fdesc, argv[j]); l=(long)flength(str); if(l==-1) { printf("%s not found.\n",str); -- GitLab