From fce2e02444a056cc420be6b32844de039fbfafac Mon Sep 17 00:00:00 2001
From: Sergeanur
Date: Sat, 18 Apr 2020 23:58:43 +0300
Subject: Fix savename buffer overflow

---
 src/save/GenericGameStorage.cpp | 16 ++++++++++++----
 1 file changed, 12 insertions(+), 4 deletions(-)

(limited to 'src')

diff --git a/src/save/GenericGameStorage.cpp b/src/save/GenericGameStorage.cpp
index 763f516a..5e483dc7 100644
--- a/src/save/GenericGameStorage.cpp
+++ b/src/save/GenericGameStorage.cpp
@@ -112,14 +112,22 @@ GenericSave(int file)
 	// Save simple vars
 	lastMissionPassed = TheText.Get(CStats::LastMissionPassedName);
-	if (*lastMissionPassed) {
+	if (lastMissionPassed[0] != '\0') {
 		AsciiToUnicode("...'", suffix);
+#ifdef FIX_BUGS
+		// fix buffer overflow
+		int len = UnicodeStrlen(lastMissionPassed);
+		if (len > ARRAY_SIZE(saveName)-1)
+			len = ARRAY_SIZE(saveName)-1;
+		memcpy(saveName, lastMissionPassed, sizeof(wchar) * len);
+#else
 		TextCopy(saveName, lastMissionPassed);
 		int len = UnicodeStrlen(saveName);
+#endif
 		saveName[len] = '\0';
-		if (len > 22)
-			TextCopy(saveName + 18, suffix);
-		saveName[23] = '\0';
+		if (len > ARRAY_SIZE(saveName)-2)
+			TextCopy(&saveName[ARRAY_SIZE(saveName)-ARRAY_SIZE(suffix)], suffix);
+		saveName[ARRAY_SIZE(saveName)-1] = '\0';
 	}
 	WriteDataToBufferPointer(buf, saveName);
 	GetLocalTime(&saveTime);
-- 
cgit v1.2.3
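Review bot: In the FIX_BUGS branch the clamp compares the signed `int len` against `ARRAY_SIZE(saveName)-1`, which is an unsigned `size_t` if ARRAY_SIZE is the usual sizeof-based macro, so the bound check is a signed/unsigned comparison; declaring `size_t len = UnicodeStrlen(lastMissionPassed);` (assuming UnicodeStrlen's return converts cleanly) keeps `len` in the same type as the bounds it is compared with and indexes with. The tail copy `TextCopy(&saveName[ARRAY_SIZE(saveName)-ARRAY_SIZE(suffix)], suffix)` stays inside saveName only because the text AsciiToUnicode writes into `suffix` fits within ARRAY_SIZE(suffix) wchars including its terminator, and the `// fix buffer overflow` comment does not record that; a line such as `// suffix holds "...'" plus NUL, so copying it at ARRAY_SIZE(saveName)-ARRAY_SIZE(suffix) ends at the last slot` next to the index arithmetic would make the invariant visible. The `#else` branch deliberately keeps the original unbounded TextCopy for non-FIX_BUGS builds, so that path is still out of bounds for long mission names by design. GenericSave, and the declarations of saveName and suffix whose sizes the arithmetic depends on, lie outside the hunk.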