From dc1beb8e5b04069b65bb1dbd64944980ac6fa2d6 Mon Sep 17 00:00:00 2001
From: James R <justsomejames2@gmail.com>
Date: Mon, 7 Nov 2022 20:30:14 -0800
Subject: [PATCH] Fix buffer overflow when pasting into chat

---
 src/hu_stuff.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/hu_stuff.c b/src/hu_stuff.c
index c4067d7d81..b02eecb6c0 100644
--- a/src/hu_stuff.c
+++ b/src/hu_stuff.c
@@ -1142,7 +1142,7 @@ boolean HU_Responder(event_t *ev)
 			if (chatlen+pastelen > HU_MAXMSGLEN)
 				return true; // we can't paste this!!
 
-			memmove(&w_chat[c_input + pastelen], &w_chat[c_input], pastelen);
+			memmove(&w_chat[c_input + pastelen], &w_chat[c_input], (chatlen - c_input) + 1); // +1 for '\0'
 			memcpy(&w_chat[c_input], paste, pastelen); // copy all of that.
 			c_input += pastelen;
 			return true;
-- 
GitLab