mirror of
https://github.com/blendogames/thirtyflightsofloving.git
synced 2025-01-31 04:30:39 +00:00
More improvement to stufftext filtering.
Added instruction on setting cl_servertrick 1 from command linne to readme.
This commit is contained in:
Knightmare66
parent
62ea3ccaf4
commit
57f72957d7
2 changed files with 60 additions and 49 deletions
|
|
@ -131,7 +131,7 @@ void CL_ParseServerData (void)
|
|||
Cvar_ForceSet ("cl_servertrick", "0"); // force this off for local games
|
||||
else if (i != PROTOCOL_VERSION) */
|
||||
else if ( (i != PROTOCOL_VERSION) && (i != OLD_PROTOCOL_VERSION) )
|
||||
Com_Error (ERR_DROP,"Server returned version %i, not %i", i, PROTOCOL_VERSION);
|
||||
Com_Error (ERR_DROP, "Server returned version %i, not %i or %i", i, PROTOCOL_VERSION, OLD_PROTOCOL_VERSION);
|
||||
|
||||
cl.servercount = MSG_ReadLong (&net_message);
|
||||
cl.attractloop = MSG_ReadByte (&net_message);
|
||||
|
|
@ -713,24 +713,11 @@ Uses list of malicious commands from xian.
|
|||
*/
|
||||
qboolean CL_FilterStuffText (char *stufftext, size_t textSize)
|
||||
{
|
||||
int i = 0, len;
|
||||
qboolean inEcho = false;
|
||||
int i, quotes, stuffLen, execLen, cmdLen, textLen;
|
||||
char *parsetext = stufftext;
|
||||
char *s, *execname;
|
||||
char *s, *execname, *p;
|
||||
char *bad_stuffcmds[] =
|
||||
{
|
||||
/* "+use",
|
||||
"+mlook",
|
||||
"+klook",
|
||||
"+attack",
|
||||
"+speed",
|
||||
"+strafe",
|
||||
"+back",
|
||||
"+forward",
|
||||
"+right",
|
||||
"+left",
|
||||
"+look",
|
||||
"+move", */
|
||||
"sensitivity",
|
||||
"unbindall",
|
||||
"unbind",
|
||||
|
|
@ -746,42 +733,42 @@ qboolean CL_FilterStuffText (char *stufftext, size_t textSize)
|
|||
0
|
||||
};
|
||||
|
||||
stuffLen = (int)strlen(stufftext);
|
||||
|
||||
// nothing to filter?
|
||||
if ( !stufftext || (strlen(stufftext) == 0) )
|
||||
if ( !stufftext || (stuffLen == 0) )
|
||||
return true;
|
||||
|
||||
#if 1
|
||||
for (parsetext = stufftext; ((parsetext - stufftext) < (textSize-1)) && (*parsetext != '\0'); parsetext++)
|
||||
do
|
||||
{
|
||||
// skip spaces
|
||||
if (*parsetext == ' ') continue;
|
||||
if ( ((parsetext - stufftext) >= (textSize-1)) || ((parsetext - stufftext) >= stuffLen) )
|
||||
break;
|
||||
|
||||
// skip semicolon
|
||||
if (*parsetext == ';') {
|
||||
inEcho = false; // terminate echo skipping
|
||||
continue;
|
||||
}
|
||||
// skip ;
|
||||
if (*parsetext == ';') parsetext++;
|
||||
|
||||
// skip text in echo commands until semicolon
|
||||
if (inEcho) continue;
|
||||
if ( ((parsetext - stufftext) >= (textSize-1)) || ((parsetext - stufftext) >= stuffLen) )
|
||||
break;
|
||||
|
||||
// the echo command can print anything in the console, skip over it until we hit a semicolon
|
||||
if ( !strncmp(parsetext, "echo", 4) ) {
|
||||
inEcho = true;
|
||||
continue;
|
||||
}
|
||||
// skip leading spaces
|
||||
while ( (*parsetext == ' ') && ((parsetext - stufftext) < (textSize-1)) && ((parsetext - stufftext) < stuffLen) )
|
||||
parsetext++;
|
||||
|
||||
if ( ((parsetext - stufftext) >= (textSize-1)) || ((parsetext - stufftext) >= stuffLen) )
|
||||
break;
|
||||
|
||||
// handle quit and error stuffs specially
|
||||
if (!strncmp(parsetext, "quit", 4) || !strncmp(parsetext, "error", 5)) {
|
||||
if (!strncmp(parsetext, "quit", 4) || !strncmp(parsetext, "error", 5))
|
||||
{
|
||||
Com_Printf(S_COLOR_YELLOW"CL_FilterStuffText: Server stuffed 'quit' or 'error' command, disconnecting...\n");
|
||||
CL_Disconnect ();
|
||||
return false;
|
||||
}
|
||||
|
||||
// don't allow stuffing of renderer cvars
|
||||
if ( !strncmp(parsetext, "gl_", 3) || !strncmp(parsetext, "r_", 2) ) {
|
||||
if ( !strncmp(parsetext, "gl_", 3) || !strncmp(parsetext, "r_", 2) )
|
||||
return false;
|
||||
}
|
||||
|
||||
// the Generations mod stuffs exec g*.cfg for classes, so limit exec stuffs to .cfg files
|
||||
if ( !strncmp(parsetext, "exec", 4) )
|
||||
|
|
@ -794,28 +781,42 @@ qboolean CL_FilterStuffText (char *stufftext, size_t textSize)
|
|||
}
|
||||
|
||||
execname = COM_Parse (&s);
|
||||
len = (int)strlen(execname);
|
||||
execLen = (int)strlen(execname);
|
||||
|
||||
if ( (len > 1) && (execname[len-1] == ';') ) // catch token ending with ;
|
||||
len--;
|
||||
if ( (execLen > 1) && (execname[execLen-1] == ';') ) // catch token ending with ;
|
||||
execLen--;
|
||||
|
||||
if ( (len < 5) || (strncmp(execname+len-4, ".cfg", 4) != 0) ) {
|
||||
if ( (execLen < 5) || (strncmp(execname+execLen-4, ".cfg", 4) != 0) ) {
|
||||
Com_Printf(S_COLOR_YELLOW"CL_FilterStuffText: Server stuffed 'exec' command for non-cfg file\n");
|
||||
return false;
|
||||
}
|
||||
continue;
|
||||
return true;
|
||||
}
|
||||
|
||||
// code by xian- cycle through list of malicious commands
|
||||
i = 0;
|
||||
while (bad_stuffcmds[i] != NULL)
|
||||
{
|
||||
len = (int)strlen(bad_stuffcmds[i]);
|
||||
if ( Q_strncmp(parsetext, bad_stuffcmds[i], len) == 0 )
|
||||
cmdLen = (int)strlen(bad_stuffcmds[i]);
|
||||
if ( Q_strncmp(parsetext, bad_stuffcmds[i], cmdLen) == 0 )
|
||||
return false;
|
||||
i++;
|
||||
}
|
||||
}
|
||||
|
||||
// find a ; for next pass
|
||||
quotes = 0;
|
||||
textLen = (int)strlen(parsetext);
|
||||
p = NULL;
|
||||
for (i = 0; i < textLen; i++)
|
||||
{
|
||||
if (parsetext[i] == '"')
|
||||
quotes++;
|
||||
// don't break if in a quoted string
|
||||
if ( !(quotes & 1) && (parsetext[i] == ';') )
|
||||
p = &parsetext[i];
|
||||
}
|
||||
parsetext = p;
|
||||
} while (parsetext != NULL);
|
||||
#else
|
||||
// skip leading spaces
|
||||
while (*parsetext == ' ') parsetext++;
|
||||
|
|
@ -837,15 +838,18 @@ qboolean CL_FilterStuffText (char *stufftext, size_t textSize)
|
|||
{
|
||||
s = parsetext;
|
||||
execname = COM_Parse (&s);
|
||||
if (!s) return false; // catch case of no text after 'exec'
|
||||
if (!s) {
|
||||
Com_Printf(S_COLOR_YELLOW"CL_FilterStuffText: Server stuffed 'exec' command with no file\n");
|
||||
return false; // catch case of no text after 'exec'
|
||||
}
|
||||
|
||||
execname = COM_Parse (&s);
|
||||
len = (int)strlen(execname);
|
||||
execLen = (int)strlen(execname);
|
||||
|
||||
if ( (len > 1) && (execname[len-1] == ';') ) // catch token ending with ;
|
||||
len--;
|
||||
if ( (execLen > 1) && (execname[execLen-1] == ';') ) // catch token ending with ;
|
||||
execLen--;
|
||||
|
||||
if ( (len < 5) || strncmp(execname+len-4, ".cfg", 4) ) {
|
||||
if ( (execLen < 5) || (strncmp(execname+execLen-4, ".cfg", 4) != 0) ) {
|
||||
Com_Printf(S_COLOR_YELLOW"CL_FilterStuffText: Server stuffed 'exec' command for non-cfg file\n");
|
||||
return false;
|
||||
}
|
||||
|
|
@ -853,9 +857,9 @@ qboolean CL_FilterStuffText (char *stufftext, size_t textSize)
|
|||
}
|
||||
|
||||
// code by xian- cycle through list of malicious commands
|
||||
i = 0;
|
||||
while (bad_stuffcmds[i] != NULL)
|
||||
{
|
||||
// if ( strstr(parsetext, bad_stuffcmds[i]) )
|
||||
if ( Q_StrScanToken(parsetext, bad_stuffcmds[i], true) )
|
||||
return false;
|
||||
i++;
|
||||
|
|
|
|||
|
|
@ -105,6 +105,13 @@ How To Run
|
|||
mod's code to run, it must be compiled into a kmq2gamex86.dll (see end of file for
|
||||
instructions).
|
||||
|
||||
To connect to standard Quake2 (protocol 34) servers, add
|
||||
|
||||
+set cl_servertrick 1
|
||||
|
||||
to the command line. Or you can set the "client protocol compatbility" option in the Join Server menu
|
||||
to version 34 (stock Quake2). This is disabled by default.
|
||||
|
||||
If you want to enable the playing of cinematics off the game or mission pack CD, add
|
||||
|
||||
+set scanforcd 1
|
||||
|
|
|
|||
Loading…
Reference in a new issue