Skip to content

Commit

Permalink
Fix potential stack overflow in CConsole::add_internal_cmds.
Browse files Browse the repository at this point in the history
  • Loading branch information
Pavel Kovalenko committed Oct 8, 2014
1 parent 7dc1f10 commit 976b434
Showing 1 changed file with 3 additions and 6 deletions.
9 changes: 3 additions & 6 deletions src/xrEngine/XR_IOConsole.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -765,20 +765,17 @@ bool CConsole::add_internal_cmds( LPCSTR in_str, vecTipsEx& out_v )

bool res = false;
// word in begin
xr_string name2;
vecCMD_IT itb = Commands.begin();
vecCMD_IT ite = Commands.end();
for ( ; itb != ite; ++itb )
{
LPCSTR name = itb->first;
u32 name_sz = xr_strlen(name);
PSTR name2 = (PSTR)_alloca( (name_sz+1) * sizeof(char) );

if ( name_sz >= in_sz )
{
strncpy_s( name2, name_sz+1, name, in_sz );
name2[in_sz] = 0;

if ( !stricmp( name2, in_str ) )
name2.assign(name, in_sz);
if ( !stricmp( name2.c_str(), in_str ) )
{
shared_str temp;
temp._set( name );
Expand Down

0 comments on commit 976b434

Please sign in to comment.