commit - e237eae01f3b65afd11a09b805637ba562108036
commit + 2b80ebef7b642204bafe5f9e72c11ceab6dea2d5
blob - d8c6a7cd2cf3a870ba82c0baf33275943ea75e79
blob + ee70a9df51704c99120ae3b10195b9fd71caf918
--- FICS/gamedb.c
+++ FICS/gamedb.c
iter_no++;
continue;
}
+ /* Additional validation: only allow alphanumeric and underscores */
+ for (char *p = Opp; *p; ++p) {
+ if (!((*p >= 'a' && *p <= 'z') || (*p >= 'A' && *p <= 'Z') ||
+ (*p >= '0' && *p <= '9') || *p == '_')) {
+ warnx("%s: Opp contains invalid character: '%s' (skipping)", __func__, Opp);
+ iter_no++;
+ goto next_iter;
+ }
+ }
oppWhen = OldestHistGame(Opp);
+ next_iter:;
if (oppWhen > When || oppWhen <= 0L) {
char histfile[MAX_FILENAME_SIZE] = { '\0' };
