Increase label buffer size and bounds-check all writes.

git-svn-id: file:///fltk/svn/fltk/branches/branch-1.1@2847 ea41ed52-d2ee-0310-a9c1-e6b18d33e121

2 files changed, 6 insertions, 4 deletions

diff --git a/CHANGES b/CHANGES
index 5bb146fe3..f9cfa0f7c 100644
--- a/CHANGES
+++ b/CHANGES
@@ -1,5 +1,7 @@
 CHANGES IN FLTK 1.1.2
 
+	- Fl_Menu_::add(const char *) used too small a menu item
+	  label buffer and didn't do bounds checking.
 	- Eliminate some compiler warnings with CodeWarrier
 	  under WIN32 (Paul Chambers)
 	- Fl_Gl_Window widgets did not resize properly under
diff --git a/src/Fl_Menu_add.cxx b/src/Fl_Menu_add.cxx
index 0b880c3b5..ac33e1a2d 100644
--- a/src/Fl_Menu_add.cxx
+++ b/src/Fl_Menu_add.cxx
@@ -1,5 +1,5 @@
 //
-// "$Id: Fl_Menu_add.cxx,v 1.9.2.13.2.5 2002/10/01 18:37:27 easysw Exp $"
+// "$Id: Fl_Menu_add.cxx,v 1.9.2.13.2.6 2002/11/19 16:59:22 easysw Exp $"
 //
 // Menu utilities for the Fast Light Tool Kit (FLTK).
 //
@@ -219,12 +219,12 @@ int Fl_Menu_::add(const char *t, int s, Fl_Callback *c,void *v,int f) {
 // adds many menu items, with '|' seperating the menu items, and tab
 // seperating the menu item names from an optional shortcut string.
 int Fl_Menu_::add(const char *str) {
-  char buf[128];
+  char buf[1024];
   int r = 0;
   while (*str) {
     int sc = 0;
     char *c;
-    for (c = buf; *str && *str != '|'; str++) {
+    for (c = buf; c < (buf + sizeof(buf) - 2) && *str && *str != '|'; str++) {
       if (*str == '\t') {*c++ = 0; sc = fl_old_shortcut(str);}
       else *c++ = *str;
     }
@@ -262,5 +262,5 @@ void Fl_Menu_::remove(int i) {
 }
 
 //
-// End of "$Id: Fl_Menu_add.cxx,v 1.9.2.13.2.5 2002/10/01 18:37:27 easysw Exp $".
+// End of "$Id: Fl_Menu_add.cxx,v 1.9.2.13.2.6 2002/11/19 16:59:22 easysw Exp $".
 //