[crossfire] Re: [Crossfire-cvs] CVS commit: crossfire
Andreas Kirschbaum
kirschbaum at myrealbox.com
Fri Jul 15 18:26:09 CDT 2005
Andreas Kirschbaum wrote:
>
crossfire-cvs-admin at lists.sourceforge.net
wrote:
>
> server/c_party.c: party password max length is 7, due to buffer size.
>
> (i think it was a patch from Casper?)
>
>
I had fixed this problem a few days before. (See the ChangeLog entry a
>
few lines below.) My fix made passwords up to 8 characters work: the
>
field party_struct.passwd can hold passwords of 8 characters length
>
because it is declared as "char passwd[9];". IIRC the real problem was
>
the code that put the password into the struct. It was missing a length
>
check and possibly not terminating the password with '\0'.
>
>
Other than that, it is now broken: passwords of 8 characters length are
>
silently truncated to 7 characters, but passwords of 9 or more
>
characters length are rejected with "The password must not exceed 8
>
characters".
I reversed this patch; party passwords with a length of 8 characters are
now working again.
More information about the crossfire
mailing list