Fix buffer overflow in M_LoadDefaults

Too much data will most likely result in a crash or freeze, but you can overwrite the stack which can be used to do an arbitrary code execution. (https://twitter.com/notrevenant/status/1268654123903340544)
AXDOOMER · Jun 11, 2020 · 8a6d9a0 · 8a6d9a0
1 parent 031d20d
commit 8a6d9a0
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/m_misc.c b/m_misc.c
@@ -479,7 +479,7 @@ void M_LoadDefaults (void)
 	while (!feof(f))
 	{
 	    isstring = false;
-	    if (fscanf (f, "%79s %[^\n]\n", def, strparm) == 2)
+	    if (fscanf (f, "%79s %99[^\n]\n", def, strparm) == 2)
 	    {
 		if (strparm[0] == '"')
 		{