From 88b52051352201e4c9b535cf66d4bd50ff918390 Mon Sep 17 00:00:00 2001
From: zicodxx <zicodxx@yahoo.de>
Date: Sat, 13 Nov 2010 00:46:39 +0100
Subject: [PATCH] In plyr_save_stats setting filename to size of PATH_MAX to
 have enough space to also hold the player directory prefix which would
 otherwise create a memory corruption and crash the game

---
 CHANGELOG.txt   |  4 ++++
 main/playsave.c | 57 +++++++++++++++++++++++++++++++------------------
 2 files changed, 40 insertions(+), 21 deletions(-)

diff --git a/CHANGELOG.txt b/CHANGELOG.txt
index dd2b909c7..4e0c03d11 100644
--- a/CHANGELOG.txt
+++ b/CHANGELOG.txt
@@ -1,5 +1,9 @@
 D1X-Rebirth Changelog
 
+20101113
+--------
+main/playsave.c: In plyr_save_stats setting filename to size of PATH_MAX to have enough space to also hold the player directory prefix which would otherwise create a memory corruption and crash the game
+
 20101109
 --------
 main/multi.c: In multi_consistency_error check for Game_wind before trying to set it in/visible - just for safety
diff --git a/main/playsave.c b/main/playsave.c
index f6c413e78..c054f3fb0 100644
--- a/main/playsave.c
+++ b/main/playsave.c
@@ -410,31 +410,32 @@ void plyr_read_stats()
 
 void plyr_save_stats()
 {
-	int kills,deaths,neg;
-	char filename[14];
+	int kills = PlayerCfg.NetlifeKills,deaths = PlayerCfg.NetlifeKilled, neg, i;
+	char filename[PATH_MAX];
 	unsigned char buf[16],buf2[16],a;
-	int i;
 	PHYSFS_file *f;
-	kills=0;
-	deaths=0;
-	
-	kills=PlayerCfg.NetlifeKills;
-	deaths=PlayerCfg.NetlifeKilled;
-	
-	sprintf(filename,GameArg.SysUsePlayersDir?"Players/%s.eff":"%s.eff",Players[Player_num].callsign);
+
+	memset(filename, '\0', PATH_MAX);
+	snprintf(filename, PATH_MAX, GameArg.SysUsePlayersDir?"Players/%s.eff":"%s.eff", Players[Player_num].callsign);
 	f = PHYSFSX_openWriteBuffered(filename);
 
 	if(!f)
 		return; //broken!
-	
+
 	PHYSFSX_printf(f,"kills:%i\n",kills);
 	PHYSFSX_printf(f,"deaths:%i\n",deaths);
 	PHYSFSX_printf(f,"key:01 ");
-	if (kills<0){
+
+	if (kills<0)
+	{
 		neg=1;
 		kills*=-1;
-	}else neg=0;
-	for (i=0;kills;i++){
+	}
+	else
+		neg=0;
+
+	for (i=0;kills;i++)
+	{
 		a=(kills & 0xFF) ^ effcode1[i+neg];
 		buf[i*2]=(a&0xF)+33;
 		buf[i*2+1]=(a>>4)+33;
@@ -443,17 +444,26 @@ void plyr_save_stats()
 		buf2[i*2+1]=(a>>4)+33;
 		kills>>=8;
 	}
+
 	buf[i*2]=0;
 	buf2[i*2]=0;
-	if (neg)i+='a';
-	else i+='A';
+
+	if (neg)
+		i+='a';
+	else
+		i+='A';
+
 	PHYSFSX_printf(f,"%c%s %c%s ",i,buf,i,buf2);
 
-	if (deaths<0){
+	if (deaths<0)
+	{
 		neg=1;
 		deaths*=-1;
-	}else neg=0;
-	for (i=0;deaths;i++){
+	}else
+		neg=0;
+
+	for (i=0;deaths;i++)
+	{
 		a=(deaths & 0xFF) ^ effcode3[i+neg];
 		buf[i*2]=(a&0xF)+33;
 		buf[i*2+1]=(a>>4)+33;
@@ -462,10 +472,15 @@ void plyr_save_stats()
 		buf2[i*2+1]=(a>>4)+33;
 		deaths>>=8;
 	}
+
 	buf[i*2]=0;
 	buf2[i*2]=0;
-	if (neg)i+='a';
-	else i+='A';
+
+	if (neg)
+		i+='a';
+	else
+		i+='A';
+
 	PHYSFSX_printf(f,"%c%s %c%s\n",i,buf,i,buf2);
 	
 	PHYSFS_close(f);