Login
User Name:

Password:



Register
Forgot your password?
Vote for Us!
 Couple bugs
Today, 5:42 pm
By Remcon
Bug in disarm( )
Nov 12, 2017, 6:54 pm
By GatewaySysop
Bug in will_fall( )
Oct 23, 2017, 1:35 am
By GatewaySysop
Bug in do_zap( ), do_brandish( )
Oct 18, 2017, 1:52 pm
By GatewaySysop
Bug in get_exp_worth( )
Oct 10, 2017, 1:26 am
By GatewaySysop
LOP 1.45
Author: Remcon
Submitted by: Remcon
LOP Heroes Edition
Author: Vladaar
Submitted by: Vladaar
Heroes sound extras
Author: Vladaar
Submitted by: Vladaar
6Dragons 4.3
Author: Vladaar
Submitted by: Vladaar
Memwatch
Author: Johan Lindh
Submitted by: Vladaar
Users Online
CommonCrawl, Yandex, DotBot, Google, Yahoo!

Members: 0
Guests: 8
Stats
Files
Topics
Posts
Members
Newest Member
477
3,705
19,232
608
LAntorcha
Today's Birthdays
There are no member birthdays today.
Related Links
» SmaugMuds.org » Bugfix Lists » SmaugFUSS Bugfix List » [Bug] Calls to the *printf wr...
Forum Rules | Mark all | Recent Posts

[Bug] Calls to the *printf wrapper functions have unsafe formatting
< Newer Topic :: Older Topic >

Pages:<< prev 1 next >>
Post is unread #1 Mar 5, 2005, 3:56 pm   Last edited May 11, 2005, 6:35 pm by Samson
Go to the top of the page
Go to the bottom of the page

Samson
Black Hand
GroupAdministrators
Posts3,639
JoinedJan 1, 2002

Bug: Calls to the *printf wrapper functions, and in some cases to the *Printf functions are being made improperly.
Danger: High
Found by: Druid
Fixed by: Druid
-----
When using any printf function you should be inputting three arguments at the very least. The data variable, the format string, and the data that fits into the format string.

For example, the below usages.

Wrong:
sprintf( buf, "Data here!" );

Right:
sprintf( buf, "%s", "Data here!" );

The reason for this is when those functions are used (ch_printf and pager_printf, etc) along with user input they can slip in some format tokens (%s %c %d) causing major havoc with the game.

If you want to test it, have someone send you a tell with a string of %s tokens tacked together then use the repeat command. This can be used in some places that will cause crashing of the game.

The best thing to do is to go in and fix in code that wraps into a printf function to use the proper number of arguments. The bug and log function calls are particularly bad about it. Unless you need to input data into a string, use the send_to_char and sent_to_pager function, instead of ch_printf and ch_printf color.
       
Pages:<< prev 1 next >>