From 9450c08eec33356c8b836c84e21278dd41f4b668 Mon Sep 17 00:00:00 2001 From: Andrey Akhmichin <15944199+nekonomicon@users.noreply.github.com> Date: Mon, 19 Dec 2022 23:56:03 +0500 Subject: [PATCH] engine: server: simplify strings operations. --- engine/server/sv_client.c | 13 ++++++++++++- engine/server/sv_save.c | 10 +++++----- 2 files changed, 17 insertions(+), 6 deletions(-) diff --git a/engine/server/sv_client.c b/engine/server/sv_client.c index ac4fd2ff..3a1f010f 100644 --- a/engine/server/sv_client.c +++ b/engine/server/sv_client.c @@ -930,15 +930,26 @@ void SV_BuildNetAnswer( netadr_t from ) } else if( type == NETAPI_REQUEST_PLAYERS ) { + size_t len = 0; + string[0] = '\0'; for( i = 0; i < svs.maxclients; i++ ) { if( svs.clients[i].state >= cs_connected ) { + int ret; edict_t *ed = svs.clients[i].edict; float time = host.realtime - svs.clients[i].connection_started; - Q_strncat( string, va( "%c\\%s\\%i\\%f\\", count, svs.clients[i].name, (int)ed->v.frags, time ), sizeof( string )); + ret = Q_snprintf( &string[len], sizeof( string ) - len, "%c\\%s\\%i\\%f\\", count, svs.clients[i].name, (int)ed->v.frags, time ); + + if( ret == -1 ) + { + Con_DPrintf( S_WARN "SV_BuildNetAnswer: NETAPI_REQUEST_PLAYERS: buffer overflow!\n" ); + break; + } + + len += ret; count++; } } diff --git a/engine/server/sv_save.c b/engine/server/sv_save.c index 0fcf66e4..e3d791b3 100644 --- a/engine/server/sv_save.c +++ b/engine/server/sv_save.c @@ -2418,13 +2418,13 @@ int GAME_EXPORT SV_GetSaveComment( const char *savename, char *comment ) if( FBitSet( flags, MAP_INVALID_VERSION )) { - Q_strncpy( comment, va( "", mapName ), MAX_STRING ); + Q_snprintf( comment, sizeof( comment ), "", mapName ); return 0; } if( !FBitSet( flags, MAP_IS_EXIST )) { - Q_strncpy( comment, va( "", mapName ), MAX_STRING ); + Q_snprintf( comment, sizeof( comment ), "", mapName ); return 0; } @@ -2433,10 +2433,10 @@ int GAME_EXPORT SV_GetSaveComment( const char *savename, char *comment ) // split comment to sections if( Q_strstr( savename, "quick" )) - Q_strncat( comment, "[quick]", CS_SIZE ); + Q_snprintf( comment, sizeof( comment ), "[quick]%s", description ); else if( Q_strstr( savename, "autosave" )) - Q_strncat( comment, "[autosave]", CS_SIZE ); - Q_strncat( comment, description, CS_SIZE ); + Q_snprintf( comment, sizeof( comment ), "[autosave]%s", description ); + else Q_strncpy( comment, description, sizeof( comment )); strftime( timestring, sizeof ( timestring ), "%b%d %Y", file_tm ); Q_strncpy( comment + CS_SIZE, timestring, CS_TIME ); strftime( timestring, sizeof( timestring ), "%H:%M", file_tm );