Skip to content
Snippets Groups Projects
Commit c7fda9ff authored by Rob Swindell's avatar Rob Swindell :speech_balloon:
Browse files

Remove broken security check for text.dat strings w/@-codes in bputs() 

As Deuce pointed out, the text[] pointers are malloc()'d so they're not
necessarily sequential/in-order addresses. Definitely not after
any text replacements have been made.
parent db0539fb
Branches
Tags
No related merge requests found
Pipeline #8605 passed
Stage: build
Stage: test
Stage: cleanup
Hide whitespace changes
Inline Side-by-side
Showing
with 1 addition and 2 deletions
src/sbbs3/con_out.cpp
+ 1
2
View file @ c7fda9ff
...@@ -100,8 +100,7 @@ int sbbs_t::bputs(const char *str, int mode) ...@@ -100,8 +100,7 @@ int sbbs_t::bputs(const char *str, int mode)
if (!(mode & P_NOATCODES) && str[l] == '@') { if (!(mode & P_NOATCODES) && str[l] == '@') {
if (str == mnestr /* Mnemonic string or */ if (str == mnestr /* Mnemonic string or */
|| (mode & P_ATCODES) /* trusted parameters to formatted string */ || (mode & P_ATCODES) /* trusted parameters to formatted string */
|| (str >= text[0] /* Straight out of TEXT.DAT */ ) {
&& str <= text[TOTAL_TEXT - 1])) {
i = show_atcode(str + l); /* return 0 if not valid @ code */ i = show_atcode(str + l); /* return 0 if not valid @ code */
l += i; /* i is length of code string */ l += i; /* i is length of code string */
if (i) /* if valid string, go to top */ if (i) /* if valid string, go to top */
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment