commit b66b6d954ba6434e113fe6263682ae476252c41d
from: Markus Uhlin <markus@nifty-networks.net>
date: Sat Aug  3 22:59:24 2024 UTC

Fixed possible buffer overflows

commit - f8d6f33ca86eb75b6ee4eee87915df13960e4ecb
commit + b66b6d954ba6434e113fe6263682ae476252c41d
blob - 876aa8516fb97eb140d0caed2f66fd60781a80a5
blob + 79067aeadc042bd83a1cbbfbe58ea1caf945d33e
--- FICS/playerdb.c
+++ FICS/playerdb.c
@@ -583,24 +583,28 @@ ReadV1PlayerFmt(int p, player *pp, FILE *fp, char *fil
 		}
 	}
 
+	_Static_assert(1023 < ARRAY_SIZE(tmp2), "Array too small");
+
+#define SCAN_STR "%1023s"
+
 	while (size_cens--) {
-		fscanf(fp, "%s", tmp2);
+		fscanf(fp, SCAN_STR, tmp2);
 		list_add(p, L_CENSOR, tmp2);
 	}
 	while (size_not--) {
-		fscanf(fp, "%s", tmp2);
+		fscanf(fp, SCAN_STR, tmp2);
 		list_add(p, L_NOTIFY, tmp2);
 	}
 	while (size_noplay--) {
-		fscanf(fp, "%s", tmp2);
+		fscanf(fp, SCAN_STR, tmp2);
 		list_add(p, L_NOPLAY, tmp2);
 	}
 	while (size_gnot--) {
-		fscanf(fp, "%s", tmp2);
+		fscanf(fp, SCAN_STR, tmp2);
 		list_add(p, L_GNOTIFY, tmp2);
 	}
 	while (size_chan--) {
-		fscanf(fp, "%s", tmp2);
+		fscanf(fp, SCAN_STR, tmp2);
 		list_add(p, L_CHANNEL, tmp2);
 	}
 }