From 4c7a908f8ee55161faf3be71f1a81e1eea803a14 Mon Sep 17 00:00:00 2001
From: "Rob Swindell (on Windows 11)" <rob@synchro.net>
Date: Sat, 23 Mar 2024 15:42:29 -0700
Subject: [PATCH] Insure buf is null-terminated in getzpt(), resoving CID
 488308

---
 src/sbbs3/sbbsecho.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/sbbs3/sbbsecho.c b/src/sbbs3/sbbsecho.c
index 18a750770d..3a78d334d9 100644
--- a/src/sbbs3/sbbsecho.c
+++ b/src/sbbs3/sbbsecho.c
@@ -3638,7 +3638,7 @@ int fmsgtosmsg(char* fbuf, fmsghdr_t* hdr, uint usernumber, uint subnum)
 /***********************************************************************/
 bool getzpt(FILE* stream, fmsghdr_t* hdr)
 {
-	char buf[0x1000];
+	char buf[0x1000] = "";
 	int i,len,cr=0;
 	off_t pos;
 	fidoaddr_t faddr;
@@ -3647,7 +3647,7 @@ bool getzpt(FILE* stream, fmsghdr_t* hdr)
 	pos=ftello(stream);
 	if(pos < 0)
 		return false;
-	len=fread(buf,1,0x1000,stream);
+	len=fread(buf,1,sizeo(buf) - 1,stream);
 	for(i=0;i<len;i++) {
 		if(buf[i]=='\n')	/* ignore line-feeds */
 			continue;
-- 
GitLab