Re: [ALERT!!!] Major back door in AScii PFiles!!!

From: Daniel W. Burke (dwb@IX.NETCOM.COM)
Date: 01/28/98


On Wed, 28 Jan 1998, Patrick J. Dughi wrote:

> > Attention ANYONE WHO USES ASCII PFILES!
> >
> > A major back door has just been found.  It was exploited on my MUD, I
> > finally discovered how it was done.
> >
> > Using this bug a player can take control of the MUD totally, wipe the imm
> > char and replace it with their own version.
> >
>         > reproduction snipped <
>
> > The "solution" to this is to parse descriptions to be written to the
> > file, replacing "~" with a blank space.

Not because of a backdoor, but rather because it can keep the mud from
booting if someone puts a ~ in a room desc or what-not, I wrote a couple
functions to be used when writing any string that's going to be read by
fread_string():

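#include <stdio.h>
#include <string.h>

/* strips char *s from line & copies it to dest, preserving src.
 * Only the first character of s is compared; dest must be at least
 * strlen(src) + 1 bytes, since no length check is done here. */
char *stripchar(char *dest, const char *src, const char *s)
{
   int i, length;
   char *temp;

   if (!dest || !src || !s) return NULL;
   temp = &dest[0];
   length = strlen(src);
   for (i = 0; *src && (i < length); i++, src++)
     if (*src != *s) *(temp++) = *src;
   *temp = '\0';
   return dest;
}

/* write a string to file, terminate with '~'.
 * get_buffer(), release_buffer() and MAX_STRING_LENGTH come from the
 * MUD code base and are not defined in this post. */
void fwrite_string(FILE *fl, const char *str)
{
   char *buf = get_buffer(MAX_STRING_LENGTH), *p;

   if (str && *str) {
      /* drop every '~' so the only tilde written is the terminator */
      stripchar(buf, str, "~");
      /* strtok() on "\r" writes the text with carriage returns removed */
      for (p = strtok(buf, "\r"); p; p = strtok(NULL, "\r"))
        fputs(p, fl);
   }
   fputs("~\n", fl);
   release_buffer(buf);
}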


fwrite_string() automatically calls and strips any tildes from a string
before writing it.


Share and Enjoy!


     +------------------------------------------------------------+
     | Ensure that you have read the CircleMUD Mailing List FAQ:  |
     | http://democracy.queensu.ca/~fletcher/Circle/list-faq.html |
     +------------------------------------------------------------+
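
A round-trip check for the write-side fix discussed in this thread, added here as an example; it is not code from the post or from CircleMUD. The names sanitize_field(), read_field(), fields_after_roundtrip() and FIELD_MAX are hypothetical, and read_field() is a simplified stand-in for fread_string(), assumed only to stop at the first '~'.

```c
#include <stdio.h>

#define FIELD_MAX 256  /* assumed field size for this example */

/* Copy src to dest, dropping '~' and '\r'; never writes past destsz. */
size_t sanitize_field(char *dest, size_t destsz, const char *src)
{
    size_t n = 0;
    if (!dest || destsz == 0) return 0;
    for (; src && *src && n + 1 < destsz; src++)
        if (*src != '~' && *src != '\r') dest[n++] = *src;
    dest[n] = '\0';
    return n;
}

/* Stand-in reader: field length, or -1 if EOF comes before a '~'. */
int read_field(FILE *fl, char *dest, size_t destsz)
{
    size_t n = 0;
    int c;
    while ((c = fgetc(fl)) != EOF && c != '~')
        if (n + 1 < destsz) dest[n++] = (char)c;
    dest[n] = '\0';
    if (c == EOF) return -1;
    if ((c = fgetc(fl)) != '\n' && c != EOF) ungetc(c, fl);
    return (int)n;
}

/* Write desc as ONE field, then count the fields a reader gets back. */
int fields_after_roundtrip(const char *desc, int sanitize)
{
    char buf[FIELD_MAX];
    int count = 0;
    FILE *fl = tmpfile();
    if (!fl) return -1;
    if (sanitize) sanitize_field(buf, sizeof buf, desc);
    fprintf(fl, "%s~\n", sanitize ? buf : desc);
    rewind(fl);
    while (read_field(fl, buf, sizeof buf) >= 0) count++;
    fclose(fl);
    return count;
}

int main(void)
{
    const char *desc = "A dusty room.~\nextra text";  /* constructed sample */
    printf("raw: %d field(s), sanitized: %d field(s)\n", fields_after_roundtrip(desc, 0), fields_after_roundtrip(desc, 1));
    return 0;
}
```

Any count other than 1 means the file's field boundaries no longer match what the writer intended, which is the condition the tilde stripping prevents.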



This archive was generated by hypermail 2b30 : 12/15/00 PST