security fix: replaced sprintf with snprintf

[xboard.git] / winboard / wchat.c

diff --git a/winboard/wchat.c b/winboard/wchat.c
index 1f78605..1da04b7 100644 (file)
--- a/winboard/wchat.c
+++ b/winboard/wchat.c
@@ -3,7 +3,7 @@
  *\r
  * Author: H.G.Muller (August 2009)\r
  *\r
- * Copyright 2009, 2010 Free Software Foundation, Inc. \r
+ * Copyright 2009, 2010 Free Software Foundation, Inc.\r
  *\r
  * ------------------------------------------------------------------------\r
  *\r
@@ -193,7 +193,7 @@ LRESULT CALLBACK ChatProc( HWND hDlg, UINT message, WPARAM wParam, LPARAM lParam
        if(partner<0) {\r
                for(i=0; i<MAX_CHAT; i++) if(chatHandle[i] == NULL) { partner = i; break; }\r
                chatHandle[partner] = hDlg;\r
-               sprintf(buf, "Chat Window %s", first.tidy);\r
+               snprintf(buf, MSG_SIZ, "Chat Window %s", first.tidy);\r
                SetWindowText(hDlg, buf);\r
         }\r
        for(i=0; i<MAX_CHAT; i++) if(chatHandle[i]) {\r
@@ -241,7 +241,7 @@ LRESULT CALLBACK ChatProc( HWND hDlg, UINT message, WPARAM wParam, LPARAM lParam
     break;\r
 \r
     case WM_COMMAND:\r
-      /* \r
+      /*\r
         [AS]\r
         If <Enter> is pressed while editing the filter, it's better to apply\r
         the filter rather than selecting the current game.\r
@@ -287,16 +287,16 @@ LRESULT CALLBACK ChatProc( HWND hDlg, UINT message, WPARAM wParam, LPARAM lParam
            // from here on it could be back-end\r
            SaveInHistory(mess);\r
            if(!strcmp("whispers", chatPartner[partner]))\r
-               sprintf(buf, "whisper %s\n", mess); // WHISPER box uses "whisper" to send\r
+             snprintf(buf, MSG_SIZ, "whisper %s\n", mess); // WHISPER box uses "whisper" to send\r
            else if(!strcmp("shouts", chatPartner[partner]))\r
-               sprintf(buf, "shout %s\n", mess); // SHOUT box uses "shout" to send\r
+             snprintf(buf, MSG_SIZ, "shout %s\n", mess); // SHOUT box uses "shout" to send\r
            else {\r
                if(!atoi(chatPartner[partner])) {\r
-                   sprintf(buf, "> %s\r\n", mess); // echo only tells to handle, not channel\r
+                 snprintf(buf, MSG_SIZ, "> %s\r\n", mess); // echo only tells to handle, not channel\r
                InsertIntoMemo(hDlg, buf);\r
-               sprintf(buf, "xtell %s %s\n", chatPartner[partner], mess);\r
+               snprintf(buf, MSG_SIZ, "xtell %s %s\n", chatPartner[partner], mess);\r
                } else\r
-               sprintf(buf, "tell %s %s\n", chatPartner[partner], mess);\r
+                 snprintf(buf, MSG_SIZ, "tell %s %s\n", chatPartner[partner], mess);\r
            }\r
            SendToICS(buf);\r
            break;\r
@@ -360,12 +360,12 @@ void ChatPopUp(char *icsHandle)
 {\r
   FARPROC lpProc;\r
   int i, partner = -1;\r
-  \r
+\r
   CheckMenuItem(GetMenu(hwndMain), IDM_NewChat, MF_CHECKED);\r
   for(i=0; i<MAX_CHAT; i++) if(chatHandle[i] == NULL) { partner = i; break; }\r
   if(partner == -1) { DisplayError("You first have to close a Chat Box\nbefore you can open a new one", 0); return; }\r
   if(icsHandle) // [HGM] clickbox set handle in advance\r
-    safeStrCpy(chatPartner[partner], icsHandle, \r
+    safeStrCpy(chatPartner[partner], icsHandle,\r
               sizeof(chatPartner[partner])/sizeof(chatPartner[partner][0]) );\r
   else chatPartner[partner][0] = NULLCHAR;\r
   chatCount++;\r