CVE-2005-0983 Fixed q3msgboom

CVE-2005-0983 Quake 3 engine, as used in multiple games, allows remote attackers to cause a denial of service (client disconnect) via a long message, which is not properly truncated and causes the engine to process the remaining data as if it were network data. Luigi Auriemma q3msgboom from Tim Angus in ioquake svn 95 git 33a48a0336865a9d21983e4836920cd9f3401101 Fixed q3msgboom from http://www.quakesrc.org/forums/viewtopic.php?t=5374
2024-11-21 20:01:10 +00:00 · 2013-05-07 02:01:44 +10:00 · 2013-05-07 02:01:44 +10:00 · 983705084a
commit 983705084a
parent 14f42588a8
1 changed files with 8 additions and 0 deletions
--- a/codemp/server/sv_main.cpp
+++ b/codemp/server/sv_main.cpp
@ -160,6 +160,14 @@ void QDECL SV_SendServerCommand(client_t *cl, const char *fmt, ...) {
 	vsprintf ((char *)message, fmt,argptr);
 	va_end (argptr);

+	// Fix to http://aluigi.altervista.org/adv/q3msgboom-adv.txt
+	// The actual cause of the bug is probably further downstream
+	// and should maybe be addressed later, but this certainly
+	// fixes the problem for now
+	if ( strlen ((char *)message) > 1022 ) {
+		return;
+	}
+
 	if ( cl != NULL ) {
 		SV_AddServerCommand( cl, (char *)message );
 		return;