/cvs/deliantra/server/common/utils.C

Comparing deliantra/server/common/utils.C (file contents):
Revision 1.87 by sf-marcmagus, Sun Oct 11 01:35:53 2009 UTC vs.
Revision 1.88 by root, Sun Oct 11 05:31:54 2009 UTC

459msg_is_safe (const char *msg) 459msg_is_safe (const char *msg)
460{ 460{
461 bool safe = true; 461 bool safe = true;
462 462
463 /* Trying to cheat by getting data into the object */ 463 /* Trying to cheat by getting data into the object */
464 if (!strncmp (msg, "endmsg", strlen ("endmsg")) || strstr (msg, "\nendmsg")) 464 if (!strncmp (msg, "endmsg", sizeof ("endmsg") - 1)
465 || strstr (msg, "\nendmsg"))
465 safe = false; 466 safe = false;
466 467
467 /* Trying to make the object talk, and potentially access arbitrary code */ 468 /* Trying to make the object talk, and potentially access arbitrary code */
468 if (object::msg_has_dialogue (msg)) 469 if (object::msg_has_dialogue (msg))
469 safe = false; 470 safe = false;
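
Review bot: On new line 464 the length argument `sizeof ("endmsg") - 1` is only correct while its literal stays identical to the one passed as the second argument of `strncmp`, and a related copy, `"\nendmsg"`, sits in the `strstr` call on line 465. Consider declaring the keyword once, for example `static const char endmsg[] = "endmsg";`, and passing `sizeof (endmsg) - 1`, so the compared prefix and its length cannot drift apart in a later edit. Separately, `msg` goes straight into `strncmp` with no null check in the visible lines; if any caller can pass a null pointer, reject it before the first test.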
