commit 2b80ebef7b642204bafe5f9e72c11ceab6dea2d5 from: Markus Uhlin via: GitHub date: Sat Aug 16 13:40:22 2025 UTC Potential fix for code scanning alert no. 5: Uncontrolled data used in path expression Co-authored-by: Copilot Autofix powered by AI <62310815+github-advanced-security[bot]@users.noreply.github.com>
commit - e237eae01f3b65afd11a09b805637ba562108036
commit + 2b80ebef7b642204bafe5f9e72c11ceab6dea2d5
blob - d8c6a7cd2cf3a870ba82c0baf33275943ea75e79
blob + ee70a9df51704c99120ae3b10195b9fd71caf918
--- FICS/gamedb.c
+++ FICS/gamedb.c
@@ -1730,7 +1730,17 @@ RemHist(char *who)
 iter_no++;
 continue;
 }
+ /* Additional validation: only allow alphanumeric and underscores */
+ for (char *p = Opp; *p; ++p) {
+ if (!((*p >= 'a' && *p <= 'z') || (*p >= 'A' && *p <= 'Z') ||
+ (*p >= '0' && *p <= '9') || *p == '_')) {
+ warnx("%s: Opp contains invalid character: '%s' (skipping)", __func__, Opp);
+ iter_no++;
+ goto next_iter;
+ }
+ }
 oppWhen = OldestHistGame(Opp);
+ next_iter:;
 if (oppWhen > When || oppWhen <= 0L) {
 char histfile[MAX_FILENAME_SIZE] = { '\0' };
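Review bot: The `goto next_iter;` in the added validation loop does not skip the rejected entry, because the `next_iter:;` label sits directly above `if (oppWhen > When || oppWhen <= 0L) {`. A name that fails the character check therefore still reaches that test, with `oppWhen` either left over from an earlier iteration or never assigned. If the test passes, the branch that declares `histfile` runs for the very `Opp` that was just refused; the rest of that branch and the enclosing loop of RemHist lie outside the hunk, so whether `Opp` goes into the path there is inferred from the alert title. The existing check just above ends with `iter_no++; continue;`, and the new one should do the same: replace `goto next_iter;` with `continue;` and delete the `next_iter:;` line. Separately, the warning says "invalid character" but prints the whole untrusted string through `'%s'`, so the message should either say "invalid name" or print only the offending byte in a safe form such as `0x%02x`.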