From 1b3c384f4438e862d1b36d3dc9f202be641f1b7f Mon Sep 17 00:00:00 2001
From: in2 <in2@63ad8ddf-47c3-0310-b6dd-a9e9d9715204>
Date: Thu, 10 Jun 2004 11:13:48 +0000
Subject: security fix in blog

git-svn-id: http://opensvn.csie.org/pttbbs/trunk/pttbbs@2058 63ad8ddf-47c3-0310-b6dd-a9e9d9715204
---
 mbbsd/announce.c | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

diff --git a/mbbsd/announce.c b/mbbsd/announce.c
index 844a6f72..3d1e3d9d 100644
--- a/mbbsd/announce.c
+++ b/mbbsd/announce.c
@@ -1128,7 +1128,7 @@ void BlogMain(int num)
 	    system(genbuf);
 	    break;
 	case '4':{
-	    char    hash[35];
+	    char    hash[33];
 	    int     i;
 	    getdata(16, 0, "請輸入該篇的雜湊值: ",
 		    hash, sizeof(hash), DOECHO);
@@ -1170,8 +1170,16 @@ void BlogMain(int num)
 	    
 	case '5': {
 	    char    date[9];
+	    int     i;
 	    getdata(16, 0, "請輸入該篇的日期(yyyymmdd): ",
 		    date, sizeof(date), DOECHO);
+	    for( i = 0 ; i < 9 ; ++i )
+		if( !isdigit(date[i]) )
+		    break;
+	    if( i != 9 ){
+		vmsg("輸入錯誤");
+		break;
+	    }
 	    snprintf(genbuf, sizeof(genbuf),
 		     "bin/builddb.pl -D %s %s", date, currboard);
 	    system(genbuf);
-- 
cgit v1.2.3