ioquake/ioq3
0
0
Fork 0
mirror of https://github.com/ioquake/ioq3.git synced 2025-05-30 00:20:59 +00:00
Code Issues Projects Releases Packages Wiki Activity

security fix: prevent command injection via callvote

Browse source
This commit is contained in:
Ludwig Nussel 2009-01-17 23:09:58 +00:00
parent cde5fcfb9b
commit f5aae78481
4 changed files with 29 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

1
code/server/sv_client.c
View file

@ -1500,6 +1500,7 @@ void SV_ExecuteClientCommand( client_t *cl, const char *s, qboolean clientOK ) {
if (clientOK) {
// pass unknown strings to the game
if (!u->name && sv.state == SS_GAME) {
Cmd_Args_Sanitize();
VM_Call( gvm, GAME_CLIENT_COMMAND, cl - svs.clients );
}
}