Clamp clipboard data to MAX_INPUTLINE. Fixes heap overflow with console input

author cloudwalk <cloudwalk@d7cf8633-e32d-0410-b094-e92efae38249>

Wed, 10 Jun 2020 05:08:41 +0000 (05:08 +0000)

committer cloudwalk <cloudwalk@d7cf8633-e32d-0410-b094-e92efae38249>

Wed, 10 Jun 2020 05:08:41 +0000 (05:08 +0000)
author cloudwalk <cloudwalk@d7cf8633-e32d-0410-b094-e92efae38249>
Wed, 10 Jun 2020 05:08:41 +0000 (05:08 +0000)
committer cloudwalk <cloudwalk@d7cf8633-e32d-0410-b094-e92efae38249>
Wed, 10 Jun 2020 05:08:41 +0000 (05:08 +0000)
diff --git a/sys_sdl.c b/sys_sdl.c

index 819848614080f06cbe5d79d6c05568bf38c30590..e3b2956edafe19a3c9ba40e72a1a3104e14c6964 100644 (file)
--- a/sys_sdl.c
+++ b/sys_sdl.c
@@ -173,7 +173,7 @@ char *Sys_GetClipboardData (void)
         cliptext = SDL_GetClipboardText();
         if (cliptext != NULL) {
                 size_t allocsize;
-               allocsize = strlen(cliptext) + 1;
+               allocsize = min(MAX_INPUTLINE, strlen(cliptext) + 1);
                 data = (char *)Z_Malloc (allocsize);
                 strlcpy (data, cliptext, allocsize);
                 SDL_free(cliptext);
author	cloudwalk <cloudwalk@d7cf8633-e32d-0410-b094-e92efae38249>
	Wed, 10 Jun 2020 05:08:41 +0000 (05:08 +0000)
committer	cloudwalk <cloudwalk@d7cf8633-e32d-0410-b094-e92efae38249>
	Wed, 10 Jun 2020 05:08:41 +0000 (05:08 +0000)