From 2b4e97730dff9c8e443bee87159332bb9870b3b8 Mon Sep 17 00:00:00 2001
From: Markus Armbruster <armbru@pond.sub.org>
Date: Sun, 14 Feb 2010 19:29:13 +0100
Subject: [PATCH] files could clobber the game when reading confirmation fails

fgets() fails on read error or EOF.  When it fails, it doesn't touch
the buffer.  Since files didn't check its return value, it read an
uninitialized character from the buffer.  If that happened to be 'y'
or 'Y', it happily clobbered the game.
---
 src/util/files.c | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)

diff --git a/src/util/files.c b/src/util/files.c
index 71233c68..98c9bdc4 100644
--- a/src/util/files.c
+++ b/src/util/files.c
@@ -130,8 +130,7 @@ main(int argc, char *argv[])
 	printf("WARNING: this blasts the existing game in %s (if any)\n",
 	       gamedir);
 	printf("continue? ");
-	fgets(buf, sizeof(buf), stdin);
-	if (*buf != 'y' && *buf != 'Y')
+	if (!fgets(buf, sizeof(buf), stdin) || (*buf != 'y' && *buf != 'Y'))
 	    exit(1);
     }
     for (i = 0; i < EF_MAX; i++) {