server: Ensure no buffer overflows when sscanf to char buffer

Closes #878

src/game/server/tf/tf_passtime_logic.cpp

@@ -1853,11 +1853,14 @@ bool CTFPasstimeLogic::ParseSetSection( const char *pStr, SetSectionParams &s )
 {
 	char pszStartName[64];
 	char pszEndName[64];
-	const int iScanCount = sscanf( pStr, "%i %s %s", &s.num, pszStartName, pszEndName ); // WHAT YEAR IS IT
+	const int iScanCount = sscanf( pStr, "%i %63s %63s", &s.num, pszStartName, pszEndName ); // WHAT YEAR IS IT
 	if ( iScanCount != 3 )
 	{
 		return false;
 	}
+	pszStartName[ ARRAYSIZE(pszStartName) - 1 ] = '\0';
+	pszEndName[ ARRAYSIZE(pszEndName) - 1 ] = '\0';
+
 	s.pSectionStart = dynamic_cast<CPathTrack*>( gEntList.FindEntityByName( 0, pszStartName ) );
 	s.pSectionEnd = dynamic_cast<CPathTrack*>( gEntList.FindEntityByName( 0, pszEndName ) );
 

src/game/server/tf/tf_player.cpp

@@ -5950,8 +5950,9 @@ void CTFPlayer::HandleAnimEvent( animevent_t *pEvent )
 		char szAttrName[128];
 		float flVal;
 		float flDuration;
-		if ( sscanf( pEvent->options, "%s %f %f", szAttrName, &flVal, &flDuration ) == 3 )
+		if ( sscanf( pEvent->options, "%127s %f %f", szAttrName, &flVal, &flDuration ) == 3 )
 		{
+			szAttrName[ ARRAYSIZE(szAttrName) - 1 ] = '\0';
 			Assert( flDuration > 0.f );
 			AddCustomAttribute( szAttrName, flVal, flDuration );
 		}