From 3b0c07281d432f3c0dccbd5a14a35ec50825044c Mon Sep 17 00:00:00 2001 From: TimeServ Date: Mon, 12 Jun 2006 22:05:41 +0000 Subject: [PATCH] don't expand certain cvars from insecure command calls, fix server stuffcmd command git-svn-id: https://svn.code.sf.net/p/fteqw/code/trunk@2326 fc73d0e0-1445-4013-8a0c-d673dee63da5 --- engine/client/cl_main.c | 8 +++---- engine/common/cmd.c | 2 +- engine/common/cvar.c | 2 ++ engine/common/cvar.h | 3 ++- engine/server/sv_ccmds.c | 48 ++++++++++++++++++++-------------------- engine/server/sv_main.c | 6 ++--- 6 files changed, 36 insertions(+), 33 deletions(-) diff --git a/engine/client/cl_main.c b/engine/client/cl_main.c index 54ee895c0..b7af4a5cd 100644 --- a/engine/client/cl_main.c +++ b/engine/client/cl_main.c @@ -41,9 +41,9 @@ void Name_Callback(struct cvar_s *var, char *oldvalue); qboolean noclip_anglehack; // remnant from old quake -cvar_t rcon_password = SCVAR("rcon_password", ""); +cvar_t rcon_password = SCVARF("rcon_password", "", CVAR_NOUNSAFEEXPAND); -cvar_t rcon_address = SCVAR("rcon_address", ""); +cvar_t rcon_address = SCVARF("rcon_address", "", CVAR_NOUNSAFEEXPAND); cvar_t cl_timeout = SCVAR("cl_timeout", "60"); @@ -95,7 +95,7 @@ extern int total_loading_size, current_loading_size, loading_stage; // // info mirrors // -cvar_t password = SCVARF("password", "", CVAR_USERINFO); //this is parhaps slightly dodgy... +cvar_t password = SCVARF("password", "", CVAR_USERINFO | CVAR_NOUNSAFEEXPAND); //this is parhaps slightly dodgy... cvar_t spectator = SCVARF("spectator", "", CVAR_USERINFO); cvar_t name = SCVARFC("name", "unnamed", CVAR_ARCHIVE | CVAR_USERINFO, Name_Callback); cvar_t team = SCVARF("team", "", CVAR_ARCHIVE | CVAR_USERINFO); @@ -3186,7 +3186,7 @@ void CL_ReadCDKey(void) break; } } - var = Cvar_Get("cl_cdkey", buffer, CVAR_LATCH, "Q3 compatability"); + var = Cvar_Get("cl_cdkey", buffer, CVAR_LATCH|CVAR_NOUNSAFEEXPAND, "Q3 compatability"); } } #endif diff --git a/engine/common/cmd.c b/engine/common/cmd.c index adfcb2b05..96e6d6ce2 100644 --- a/engine/common/cmd.c +++ b/engine/common/cmd.c @@ -1095,7 +1095,7 @@ char *Cmd_ExpandString (char *data, char *dest, int destlen, int maxaccesslevel, buf[i] = 0; if ( (var = Cvar_FindVar(buf+striptrailing)) != NULL ) { - if (var->restriction <= maxaccesslevel) + if (var->restriction <= maxaccesslevel && !((var->flags & CVAR_NOUNSAFEEXPAND) && Cmd_IsInsecure())) bestvar = var; } #ifndef SERVERONLY diff --git a/engine/common/cvar.c b/engine/common/cvar.c index 48d66c277..5e9d954d8 100644 --- a/engine/common/cvar.c +++ b/engine/common/cvar.c @@ -158,6 +158,8 @@ char *Cvar_FlagToName(int flag) return "serverlatch"; case CVAR_RENDERERCALLBACK: return "rendercallback"; + case CVAR_NOUNSAFEEXPAND: + return "nounsafeexpand"; } return NULL; diff --git a/engine/common/cvar.h b/engine/common/cvar.h index 319ce233f..2f9424cf0 100644 --- a/engine/common/cvar.h +++ b/engine/common/cvar.h @@ -105,8 +105,9 @@ typedef struct cvar_group_s #define CVAR_RENDERERLATCH 1024 //requires a vid_restart to reapply. #define CVAR_SERVEROVERRIDE 2048 //the server has overridden out local value - should probably be called SERVERLATCH #define CVAR_RENDERERCALLBACK 4096 //force callback for cvars on renderer change +#define CVAR_NOUNSAFEEXPAND 8192 // do not expand cvar value when command is from gamecode -#define CVAR_LASTFLAG CVAR_RENDERERCALLBACK +#define CVAR_LASTFLAG CVAR_NOUNSAFEEXPAND #define CVAR_LATCHMASK (CVAR_LATCH|CVAR_RENDERERLATCH|CVAR_SERVEROVERRIDE|CVAR_CHEAT|CVAR_SEMICHEAT) //you're only allowed one of these. #define CVAR_NEEDDEFAULT CVAR_CHEAT diff --git a/engine/server/sv_ccmds.c b/engine/server/sv_ccmds.c index 6e11186c8..d464395ad 100644 --- a/engine/server/sv_ccmds.c +++ b/engine/server/sv_ccmds.c @@ -1133,30 +1133,30 @@ void SV_StuffToClient_f(void) //a list of safe, allowed commands. Allows any extention of this. if (strchr(str, '\n') || strchr(str, ';') || ( - strncmp(str, "setinfo", 7) && - strncmp(str, "quit", 4) && - strncmp(str, "gl_fb", 5) && - strncmp(str, "r_fb", 4) && - strncmp(str, "say", 3) && //note that the say parsing could be useful here. - strncmp(str, "echo", 4) && - strncmp(str, "name", 4) && - strncmp(str, "skin", 4) && - strncmp(str, "color", 5) && - strncmp(str, "cmd", 3) && - strncmp(str, "fov", 3) && - strncmp(str, "connect", 7) && - strncmp(str, "rate", 4) && - strncmp(str, "cd", 2) && - strncmp(str, "easyrecord", 10) && - strncmp(str, "leftisright", 11) && - strncmp(str, "menu_", 5) && - strncmp(str, "r_fullbright", 12) && - strncmp(str, "toggleconsole", 13) && - strncmp(str, "v_i", 3) && //idlescale vars - strncmp(str, "bf", 2) && - strncmp(str, "+", 1) && - strncmp(str, "-", 1) && - strncmp(str, "impulse", 7) && + !strncmp(str, "setinfo", 7) && + !strncmp(str, "quit", 4) && + !strncmp(str, "gl_fb", 5) && + !strncmp(str, "r_fb", 4) && +// !strncmp(str, "say", 3) && //note that the say parsing could be useful here. + !strncmp(str, "echo", 4) && + !strncmp(str, "name", 4) && + !strncmp(str, "skin", 4) && + !strncmp(str, "color", 5) && + !strncmp(str, "cmd", 3) && + !strncmp(str, "fov", 3) && + !strncmp(str, "connect", 7) && + !strncmp(str, "rate", 4) && + !strncmp(str, "cd", 2) && + !strncmp(str, "easyrecord", 10) && + !strncmp(str, "leftisright", 11) && + !strncmp(str, "menu_", 5) && + !strncmp(str, "r_fullbright", 12) && + !strncmp(str, "toggleconsole", 13) && + !strncmp(str, "v_i", 3) && //idlescale vars + !strncmp(str, "bf", 2) && + !strncmp(str, "+", 1) && + !strncmp(str, "-", 1) && + !strncmp(str, "impulse", 7) && 1)) { Con_Printf("You're not allowed to stuffcmd that\n"); diff --git a/engine/server/sv_main.c b/engine/server/sv_main.c index c83af5809..239faeba7 100644 --- a/engine/server/sv_main.c +++ b/engine/server/sv_main.c @@ -90,14 +90,14 @@ cvar_t zombietime = SCVAR("zombietime", "2"); // seconds to sink messages #ifdef SERVERONLY cvar_t developer = SCVAR("developer","0"); // show extra messages -cvar_t rcon_password = SCVAR("rcon_password", ""); // password for remote server commands -cvar_t password = SCVAR("password", ""); // password for entering the game +cvar_t rcon_password = SCVARF("rcon_password", "", CVAR_NOUNSAFEEXPAND); // password for remote server commands +cvar_t password = SCVARF("password", "", CVAR_NOUNSAFEEXPAND); // password for entering the game #else extern cvar_t developer; extern cvar_t rcon_password; extern cvar_t password; #endif -cvar_t spectator_password = SCVAR("spectator_password", ""); // password for entering as a sepctator +cvar_t spectator_password = SCVARF("spectator_password", "", CVAR_NOUNSAFEEXPAND); // password for entering as a sepctator cvar_t allow_download = SCVAR("allow_download", "1"); cvar_t allow_download_skins = SCVAR("allow_download_skins", "1");