From 4322799201724701ef1dc3d297345d7c863219d3 Mon Sep 17 00:00:00 2001 From: Stenzek Date: Sun, 1 Sep 2024 23:50:06 +1000 Subject: [PATCH] dep/rcheevos: Don't silently truncate buffers in rc_api_init_fetch_image_request() --- dep/rcheevos/src/rc_client.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/dep/rcheevos/src/rc_client.c b/dep/rcheevos/src/rc_client.c index d57f86f9f..79604674e 100644 --- a/dep/rcheevos/src/rc_client.c +++ b/dep/rcheevos/src/rc_client.c @@ -578,7 +578,13 @@ static int rc_client_get_image_url(char buffer[], size_t buffer_size, int image_ image_request.image_name = image_name; result = rc_api_init_fetch_image_request(&request, &image_request); if (result == RC_OK) - snprintf(buffer, buffer_size, "%s", request.url); + { + const size_t url_length = strlen(request.url); + if (url_length >= buffer_size) + result = RC_INSUFFICIENT_BUFFER; + else + memcpy(buffer, request.url, url_length + 1); + } rc_api_destroy_request(&request); return result;