From 4b943aab31e6ca265e111b2cd40893c2d9b2c50f Mon Sep 17 00:00:00 2001
From: SZY <>
Date: Fri, 18 Nov 2011 09:58:53 +0000
Subject: [PATCH] 0022378: Small patch to fix buffer vulnerability of Draw

---
 src/Draw/Draw_Window.cxx | 8 +++++---
 1 file changed, 5 insertions(+), 3 deletions(-)

diff --git a/src/Draw/Draw_Window.cxx b/src/Draw/Draw_Window.cxx
index 587ef5f396..2370d1c1a7 100755
--- a/src/Draw/Draw_Window.cxx
+++ b/src/Draw/Draw_Window.cxx
@@ -1945,8 +1945,9 @@ static Tk_Window mainWindow;
 //* threads sinchronization *//
 DWORD  dwMainThreadId;
 console_semaphore_value volatile console_semaphore = WAIT_CONSOLE_COMMAND;
-char console_command[1000];
-
+//char console_command[1000];
+#define COMMAND_SIZE 1000     /* Console Command size */
+char console_command[COMMAND_SIZE];
 bool volatile isTkLoopStarted = false;
 
 /*--------------------------------------------------------*\
@@ -2025,7 +2026,8 @@ static DWORD WINAPI readStdinThreadFunc(VOID)
   while (1) {
     while (console_semaphore != WAIT_CONSOLE_COMMAND)
       Sleep(100);
-    if (gets(console_command))
+    //if (gets(console_command))
+	if (fgets(console_command,COMMAND_SIZE,stdin)) 
       {
         console_semaphore = HAS_CONSOLE_COMMAND;
       }