[Bug-gnubg] Crash on startup with stack protection enabled using Spanish locale

[Russ Allbery]

Hi folks,

gnubg 1.06.002 allocates static buffers in three functions in set.c
(CommandSetEvalCubeful, CommandSetEvalPrune, and
CommandSetEvalDeterministic) to initialize UI elements.  The translation
of those strings in the Spanish locale is longer than the allocated static
buffer.  This means gnubg will crash on startup if built with stack
protection and run in the es_ES.UTF-8 locale.

For a quick fix in the Debian package, I applied the following simple
patch to increase the static buffer size, but I suspect there's some glib
string allocation function that should be used here instead to dynamically
allocate the string (at the trivial cost of adding a free afterwards).
Unfortunately, I haven't done enough glib programming to know the right
fix off the top of my head.

diff --git a/set.c b/set.c
index 4e2e826..09f43e8 100644
--- a/set.c
+++ b/set.c
@@ -1024,7 +1024,7 @@ extern void
 CommandSetEvalCubeful(char *sz)
 {
 
-    char asz[2][128], szCommand[64];
+    char asz[2][256], szCommand[64];
     int f = pecSet->fCubeful;
 
     sprintf(asz[0], _("%s will use cubeful evaluation.\n"), szSet);
@@ -1038,7 +1038,7 @@ extern void
 CommandSetEvalPrune(char *sz)
 {
 
-    char asz[2][128], szCommand[64];
+    char asz[2][256], szCommand[64];
     int f = pecSet->fUsePrune;
 
     sprintf(asz[0], _("%s will use pruning.\n"), szSet);
@@ -1052,7 +1052,7 @@ extern void
 CommandSetEvalDeterministic(char *sz)
 {
 
-    char asz[2][128], szCommand[64];
+    char asz[2][256], szCommand[64];
     int f = pecSet->fDeterministic;
 
     sprintf(asz[0], _("%s will use deterministic noise.\n"), szSet);

-- 
Russ Allbery (address@hidden)              <http://www.eyrie.org/~eagle/>