Commit graph

151 commits

Author SHA1 Message Date
Zack Middleton
4ea0eebfe5 Fix nullptr dereference in front of nullptr check in FS_CheckPak0
Found using LLVM sanitizer. Reported by Dominic "lonkamikaze" Fandrey
and David "devnexen" CARLIER.
2018-04-08 20:56:08 -05:00
Zack Middleton
71a9a5efa6 Make FS_InvalidGameDir() consider subdirectories invalid
fs_game shouldn't be a subdirectory and it simplifies the code.
2018-02-04 20:34:48 -06:00
Zack Middleton
738465d677 Revert my recent cvar latch changes
My cvar latch system changes prevent the Game VM from changing
g_gametype when the value is out of range due to it being registed in
the engine. It's been pointed out as fragile method of security, which
was still exploitable, by Noah Metzger (Chomenor). It doesn't seem like
this is working out to be a good solution.

The issue of fs_game '..' on server being relicated on client via
systeminfo exploit is still fixed as it's not affected by latch.
There are a few cases from current values of fs_game are used which
ideally should use fs_gamedir char array which has been validated.

Revert "Don't let VMs change engine latch cvars immediately"
Partially revert "Fix fs_game '..' reading outside of home and base path"
Revert "Fix VMs forcing engine latch cvar to update to latched value"
2018-01-21 22:45:46 -06:00
Zack Middleton
3638f69dff Fix fs_game '..' reading outside of home and base path
VMs could set fs_game to '..' at anytime to access files outside of home
and base path. fs_game sent by server to clients could also be '..' to
access files outside of home and base path.

'..' was not caught by FS_CheckDirTraversal() as it expects filenames
not a single directory.

I've made fs_game be latched to prevent VMs from changing it with no
good way to validate it before it's used. com_basegame and fs_basegame
are now latched as well.

Additionally, it's now possible to change com_basegame while the engine
is running. game_restart or vid_restart will make it take affect.
com_homepath is now CVAR_PROTECTED to prevent VMs from changing it
to a directory traversal.

This requires my two previous commits for preventing VMs from changing
engine latch cvars and only Cvar_Get fs_game in FS_Startup (so CVAR_INIT
isn't added in serveral other places).

Reported by Noah Metzger (Chomenor).
2018-01-21 06:02:28 -06:00
Zack Middleton
adef4e6c9e Don't register fs_game cvar everywhere just to get the value 2018-01-21 06:02:08 -06:00
Edward Betts
fe42b8653d Correct spelling mistakes. 2017-11-22 01:40:20 -06:00
Zack Middleton
2c225a5a2b Merge pull request #199 from UniQP/typos
Fix some typos in comments
2017-05-24 13:41:15 -05:00
Zack Middleton
351e8f84d2 Merge pull request #270 from mickael9/unused-warning
Don't include (mission)pak_checksums in standalone build
2017-05-24 12:26:55 -05:00
Zack Middleton
05858d30e8 Don't load libraries with non-standard file extensions
Also don't allow writting files ending in a library extension such
as ".so.0" or ".dylib.0".
2017-05-24 10:28:46 -05:00
Max Crofts
af69d1148f Improve FS_GetModList
- Paths to search for mods are now specified in an array

- Mods can now consist solely of ".pk3dir" folders and still be
considered valid

- The function now has a consistent style
2017-04-12 17:49:50 +10:00
Max Crofts
7ff610db35 Detect GOG install path 2017-04-07 16:26:26 +10:00
SmileTheory
d4e1a01f33 Remove FS_Read2().
Functionally the same as FS_Read().
Streaming functionality was removed in 672cfbf16f but flag remained.
2017-03-17 04:21:11 -07:00
SmileTheory
376267d534 Don't load .pk3s as .dlls, and don't load user config files from .pk3s. 2017-03-13 14:14:00 -07:00
Mickaël Thomas
40ec42a425 Don't include (mission)pak_checksums in standalone build
Avoids a compiler warning
2017-03-12 22:57:17 +01:00
Zack Middleton
10f33b892b Fix removing/creating PID file for base game when switching to/from mods 2016-10-27 22:54:33 -05:00
Zack Middleton
755b2f38f0 Offer post-crash safe settings on a per-mod basis
Offer to restore settings when loading a mod that crashed, not the first
mod that gets loaded after a crash. Before the first mod loaded (usually
baseq3) would get the option even if missionpack or some other mod crashed.

- Make pid files separate for each fs_game.
- Remove/write pid every time switching fs_game.
- Create path before writing pid file otherwise it fails on first run.
- Show mod description.txt or fs_game instead of engine name in abnormal
  exit message.
- Check com_fullyInitialized in Com_Error before removing PID,
  otherwise "ioquake3 --version" segfaults when accessing fs_gamevar->string
  (plus not fully initialized isn't really a normal shutdown).
2016-10-09 18:18:08 -05:00
Sebastian Buchwald
5eae6de2f4 Fix some typos in comments 2016-07-26 14:43:41 +02:00
Victor Roemer
398dea397c Fix Makefile for OSX
Bump base SDK from 10.5 -> 10.7
Just use the builtin __APPLE__
2016-06-12 17:17:33 -04:00
SmileTheory
3bd7a8d842 Search for mods in steam path as well as home and base paths. 2015-09-25 04:52:17 -07:00
SmileTheory
f860a753e0 Add Steam's Quake 3 Arena dir to game dirs on Windows. 2015-09-17 02:53:19 -07:00
Zachary J. Slater
87e0bf6eaf Better language, less tense 2015-08-28 18:19:29 -07:00
Zachary J. Slater
4667210e1d more helpful error message
Can’t find your pak0.pk3? Here’s where we tried looking.
2015-08-28 10:36:46 -07:00
Zack Middleton
c7500bb28e Don't segfault in FS_CreatePath when there are no path seperators 2015-07-12 20:06:24 -05:00
Zack Middleton
67d9ecd070 Fix FS_FOpenFileReadDir non-zero file handle when file not found in pk3
If a pk3 search path is passed to FS_FOpenFileReadDir, a non-zero
file handle is returned if file is not found. This causes incorrect
behavior in FS_ReadFileDir (when a pk3 search path is passed in)
which only checks file handle, not length, for seeing if file exists.

I don't know of any issues in ioq3 caused by this.
2014-03-18 20:49:52 -05:00
Zack Middleton
2d45e57068 Support FS_SEEK_END and negative offset for zipped files in FS_Seek
Use FS_SEEK_END in sound code instead of working around it.
If FS_SEEK_SET and going to current position, just return.
2013-11-08 18:43:34 -06:00
Zack Middleton
c69db4a400 Remove unused variable baseOffset from fsh[] 2013-11-08 18:43:20 -06:00
Zack Middleton
90c98c90a3 Fix VM FOpenFile( FS_READ ) files seeking twice in FS_Seek 2013-11-08 18:42:56 -06:00
/dev/humancontroller
120e296a74 fix some OOB enumerator usages
(should be no-op with usual compiler workings)
2013-05-30 15:48:49 -05:00
/dev/humancontroller
9d626b6a12 drop some useless return statements 2013-05-30 15:43:21 -05:00
Harley Laue
1b2a6abed9 Rename FS_CheckFilenameIsNotImmutable to ..IsMutable 2013-04-24 14:45:37 -05:00
Zack Middleton
6c88bf8aee Rename FS_CheckFilenameIsNotExecutable to ..NotImmutable 2013-04-24 14:14:13 -05:00
Zack Middleton
936db459ee Don't allow modifying qvms or pk3s
Exception for allowing pk3s to be downloaded.
2013-04-24 14:11:18 -05:00
Zack Middleton
b95d8a91aa Fix referencing pk3 with only qagame QVM 2013-04-22 16:21:46 -05:00
Zack Middleton
a7317ac0d5 Add fallback for __func__ (ioq3 isn't compiled as c99 by default)
Using Debian gcc version 4.7.2 and clang 3.0-6.1 anyway.
2013-04-20 21:28:21 -05:00
Tim Angus
98360bcd57 Fix some of the things clang --analyze flagged 2013-03-26 16:50:03 +00:00
Ensiform
9a752ce8cd Use PATH_SEP for a debug message in FS_FOpenFileReadDir 2013-03-18 14:44:34 -05:00
Zack Middleton
2e45edb550 5717 - Gamecode can open file "" for reading 2013-02-15 21:08:47 -06:00
Zack Middleton
6f88df262c Don't add pk3dirs if connecting to a pure server
Only .cfg etc would be read from pk3dirs, but they should be treated like pk3s that are not on the pure list.
2013-02-11 19:15:14 -06:00
Zack Middleton
ebee21157c Change pk3dir README / comments to fit in better 2013-02-11 18:02:40 -06:00
Andrew Browne
37a9614179 5289 - Support for .pk3dir 2013-02-11 17:58:24 -06:00
Tim Angus
70b165ee33 Fix screwed up whitespace in files.c
Apologies to anyone merging this :(
2013-01-13 22:26:09 +00:00
Tim Angus
5fd456ff7c Fix FS_FOpenFileRead corner case
FS_FOpenFileRead is a fairly mental function that changes its return
behaviour depending on whether or not file is NULL or not. It turns out
in the case where file is NULL, we were returning the wrong value when
the file didn't exist.
2013-01-13 22:26:09 +00:00
Zack Middleton
82f83cd092 Fix some "> MAX_*" to be ">= MAX_*". 2012-11-18 19:09:54 +00:00
Zack Middleton
d092ba6627 Fix restoring fs_game when default.cfg is missing. 2012-10-26 01:27:16 +00:00
Thilo Schulz
b5456faaea Revert pk3dir patch because some users report the code gets stuck in an infinite loop in the new code 2012-07-02 01:03:55 +00:00
Thilo Schulz
b757968839 Support for .pk3dir (#5298) - Patch by Andrew (dersaidin@gmail.com) 2012-07-01 18:00:18 +00:00
Zack Middleton
ad5c5c32a6 REFACTOR [reletive -> relative]
From /dev/humancontroller.
2012-06-18 16:32:03 +00:00
Zack Middleton
c211114cb0 #5462 - do not require clients to have a matching qagame.qvm (adapted from OpenArena) 2012-05-07 22:26:03 +00:00
Thilo Schulz
7eba074ce4 Allow VM_Restart to load unpure qagame.qvm so that local server won't crash after map_restart if server operator has qagame.qvm residing outside pak file (#5196)
Thanks to "rg3" for providing a shell account
2011-09-27 22:16:07 +00:00
Zack Middleton
b14c6d581c Use correct variable for getting buffer length, reported by Ensiform. 2011-09-19 02:10:17 +00:00