Harden bm_read_alias against bad input

common/main/piggy.h

@@ -36,8 +36,8 @@ COPYRIGHT 1993-1999 PARALLAX SOFTWARE CORPORATION.  ALL RIGHTS RESERVED.
 namespace dsx {
 struct alias
 {
-	char alias_name[FILENAME_LEN];
-	char file_name[FILENAME_LEN];
+	std::array<char, FILENAME_LEN> alias_name;
+	std::array<char, FILENAME_LEN> file_name;
 };
 }
 #endif

similar/main/bmread.cpp

@@ -862,13 +862,18 @@ void verify_textures()
 #if defined(DXX_BUILD_DESCENT_II) && DXX_USE_EDITOR
 void bm_read_alias()
 {
-	char *t;
-
 	Assert(Num_aliases < MAX_ALIASES);
+	auto &a = alias_list[Num_aliases];
+	a = {};
 
-	t = strtok( NULL, space_tab );  strncpy(alias_list[Num_aliases].alias_name,t,sizeof(alias_list[Num_aliases].alias_name));
-	t = strtok( NULL, space_tab );  strncpy(alias_list[Num_aliases].file_name,t,sizeof(alias_list[Num_aliases].file_name));
-
+	for (const auto b : {&a.alias_name, &a.file_name})
+	{
+		const auto t = strtok(nullptr, space_tab);
+		if (!t)
+			return;
+		const auto c = std::min(strlen(t), std::size(*b) - 1);
+		std::memcpy(std::data(*b), t, c);
+	}
 	Num_aliases++;
 }
 #endif

similar/main/piggy.cpp

@@ -407,10 +407,10 @@ bitmap_index piggy_find_bitmap(const std::span<const char> entry_name)
 
 	std::array<char, FILENAME_LEN> temp;
 	range_for (auto &i, partial_const_range(alias_list, Num_aliases))
-		if (i.alias_name[namelen] == 0 && d_strnicmp(name.data(), i.alias_name,namelen) == 0)
+		if (i.alias_name[namelen] == 0 && d_strnicmp(name.data(), i.alias_name.data(), namelen) == 0)
 		{
 			if (t) {                //extra stuff for ABMs
-				const auto path = d_splitpath(i.file_name);
+				const auto path = d_splitpath(i.file_name.data());
 				snprintf(temp.data(), temp.size(), "%.*s%s\n", DXX_ptrdiff_cast_int(path.base_end - path.base_start), path.base_start, t);
 				name = temp;
 			}