Fixed some problems with unsafe strcpy() calls writing out of bounds.
This manifested in sfrotz crashing with a
"double free or corruption (!prev)" or "munmap_chunk(): invalid pointer"
when saving or restoring using a graphical dialog. The dialog would
cause os_read_file_name() to return a complete path for the save file.
If done with the -T option, then this information would be obtained in
the text window and only what was typed would be returned. That's how
the curses and dumb interfaces work too. That's why the problem wasn't
seen until tinkering with the SDL interface.
There are five other instances of strcpy() left in the core, six in the
curses interface, three in the dumb interface, and a whopping thirty in
the SDL interface. These will be fixed later.
Scope-eye.net Git Repository / liskon_frotz.git / commit