Actual buffer overflow bug found because of these fixes

This commit is contained in:
Glenn Smith 2018-03-06 02:35:46 -05:00
parent a94587af43
commit e03a86f75a

View file

@ -643,8 +643,8 @@ DefineEngineFunction(fileName, String, ( const char* fileName ),,
name = szPathCopy; name = szPathCopy;
else else
name++; name++;
char *ret = Con::getReturnBuffer(dStrlen(name)); char *ret = Con::getReturnBuffer(dStrlen(name) + 1);
dStrcpy(ret, name, dStrlen(name)); dStrcpy(ret, name, dStrlen(name) + 1);
return ret; return ret;
} }