Scripts/Commands: Fix issues reported by static analysis

Fix possible buffer overflow in ".server shutdown" and NULL-dereference/Triggered Debug Assert.
author: jackpoz <giacomopoz@gmail.com> 2014-09-06 20:41:24 +0200
committer: jackpoz <giacomopoz@gmail.com> 2014-09-06 20:43:08 +0200
commit: 29b9e5f0d5856fd84102b2ebbada57eff5863e8c (patch)
tree: a65c126413f7e8e8c2bc0dd339cd8de96e750208
parent: 25f75501ef65f0ef70fa3d4d10cfba93b82ef4a3 (diff)
1 files changed, 9 insertions, 6 deletions
diff --git a/src/server/scripts/Commands/cs_server.cpp b/src/server/scripts/Commands/cs_server.cpp
index 14a68d1fdae..f828b66a93a 100644
--- a/src/server/scripts/Commands/cs_server.cpp
+++ b/src/server/scripts/Commands/cs_server.cpp
@@ -316,6 +316,9 @@ private:
         if (!*args)
             return false;
 
+        if (strlen(args) > 255)
+            return false;
+
         // #delay [#exit_code] [reason]
         char* delayStr = strtok((char*)args, " ");
         if (!delayStr || !isNumeric(delayStr))
@@ -323,10 +326,7 @@ private:
 
         char* exitCodeStr = nullptr;
 
-        if (strlen(args) > 255)
-            return false;
-
-        char reason[255] = { 0 };
+        char reason[256] = { 0 };
 
         while (char* nextToken = strtok(nullptr, " "))
         {
@@ -335,8 +335,11 @@ private:
             else
             {
                 strcat(reason, nextToken);
-                strcat(reason, " ");
-                strcat(reason, strtok(nullptr, "\0"));
+                if (char* remainingTokens = strtok(nullptr, "\0"))
+                {
+                    strcat(reason, " ");
+                    strcat(reason, remainingTokens);
+                }
                 break;
             }
         }
author	jackpoz <giacomopoz@gmail.com>	2014-09-06 20:41:24 +0200
committer	jackpoz <giacomopoz@gmail.com>	2014-09-06 20:43:08 +0200
commit	29b9e5f0d5856fd84102b2ebbada57eff5863e8c (patch)
tree	a65c126413f7e8e8c2bc0dd339cd8de96e750208
parent	25f75501ef65f0ef70fa3d4d10cfba93b82ef4a3 (diff)