Closed a security hole

git-svn-id: https://svn.code.sf.net/p/fteqw/code/trunk@410 fc73d0e0-1445-4013-8a0c-d673dee63da5
Spoike 2004-11-13 17:22:13 +00:00
parent ecc515918e
commit 6e4d99572a


@ -331,7 +331,7 @@ void Cbuf_ExecuteLevel (int level)
// for next frame // for next frame
break; break;
} }
// find a \n or ; line break // find a \n or ; line break
text = (char *)cmd_text[level].buf.data; text = (char *)cmd_text[level].buf.data;
@ -1044,7 +1044,7 @@ char *Cmd_ExpandString (char *data, char *dest, int destlen, int maxaccesslevel)
if (var->restriction <= maxaccesslevel) if (var->restriction <= maxaccesslevel)
bestvar = var; bestvar = var;
} }
#ifdef SERVERONLY #ifndef SERVERONLY
if ((str = TP_MacroString (buf+striptrailing, &macro_length))) if ((str = TP_MacroString (buf+striptrailing, &macro_length)))
bestmacro = str; bestmacro = str;
#endif #endif
@ -2185,17 +2185,39 @@ void Cmd_set_f(void)
text++; text++;
while(*text <= ' ') //second whitespace while(*text <= ' ') //second whitespace
text++; text++;
//second var //second var
text = If_Token(text, &end);
var = Cvar_FindVar (Cmd_Argv(1)); var = Cvar_FindVar (Cmd_Argv(1));
if (var)
Cvar_Set(var, text);
else
var = Cvar_Get(Cmd_Argv(1), text, 0, "User variables");
if (!stricmp(Cmd_Argv(0), "seta")) if (var)
var->flags |= CVAR_ARCHIVE|CVAR_USERCREATED; {
if (var->flags & CVAR_NOTFROMSERVER && Cmd_FromServer())
{
Con_Printf ("Server tried setting %s cvar\n", var->name);
return true;
}
text = If_Token(text, &end);
if (Cmd_FromServer())
Cvar_LockFromServer(var, text);
else
Cvar_Set(var, text);
}
else
{
text = If_Token(text, &end);
if (Cmd_FromServer())
{
var = Cvar_Get(Cmd_Argv(1), "", 0, "Game variables");
Cvar_LockFromServer(var, text);
}
else
var = Cvar_Get(Cmd_Argv(1), text, 0, "User variables");
}
if (!Cmd_FromServer())
if (!stricmp(Cmd_Argv(0), "seta"))
var->flags |= CVAR_ARCHIVE|CVAR_USERCREATED;
} }
@ -2218,6 +2240,13 @@ void Cvar_Inc_f (void)
Con_Printf ("Unknown variable \"%s\"\n", Cmd_Argv(1)); Con_Printf ("Unknown variable \"%s\"\n", Cmd_Argv(1));
return; return;
} }
if (var->flags & CVAR_NOTFROMSERVER && Cmd_FromServer())
{
Con_Printf ("Server tried setting %s cvar\n", var->name);
return true;
}
delta = (c == 3) ? atof (Cmd_Argv(2)) : 1; delta = (c == 3) ? atof (Cmd_Argv(2)) : 1;
Cvar_SetValue (var, var->value + delta); Cvar_SetValue (var, var->value + delta);
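Review bot: Both new CVAR_NOTFROMSERVER guards exit with `return true;`, once in the Cmd_set_f hunk and once in the Cvar_Inc_f hunk, yet the hunk headers show both functions as `void` and the unchanged exit just above in Cvar_Inc_f is a bare `return;`. Returning a value from a void function is a constraint violation that compilers diagnose, so both should be `return;`. The condition `var->flags & CVAR_NOTFROMSERVER && Cmd_FromServer()` parses as intended, but `(var->flags & CVAR_NOTFROMSERVER) && Cmd_FromServer()` makes the precedence explicit in a check that carries the security decision. The guard is now copied into two commands whose bodies start and end outside the visible hunks. If other commands can write cvars on the server's behalf, they presumably need it too, so a small shared helper that performs the check and logs the refusal would keep them consistent.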